马航MH370失联缘于网络劫机？

As the search for the missing Malaysia Airlines Flight MH370 continues, investigators have come across some startling evidence that the plane could have been hijacked using a mobile phone or even a USB stick. The theory comes from a British anti-terrorism expert who says cyber terrorists could have used a series of “codes” to hack the plane’s in-flight entertainment system and infiltrate the security software.

According to Sally Leivesley, a former scientific adviser to the UK’s Home Office, the Boeing 777’s speed, direction and altitude could have been changed using radio signals sent from a small device. The theory comes after investigators determined that someone with knowledge of the plane’s system intentionally flew the jet off course.

“It might well be the world’s first cyber hijack,” Leivesley told the U.K.’s Sunday Express. “This is a very early version of what I would call a smart plane, a fly-by-wire aircraft controlled by electronic signals.”

Leivesley said that the evidence increasingly indicates that someone took over the plane’s controls “in a deceptive manner” and overwhelmed the plane’s system either remotely or from a seat on the plane.

“There appears to be an element of planning from someone with a very sophisticated systems engineering understanding,” she said. “When the plane is air-side, you can insert a set of commands and codes that may initiate, on signal, a set of processes.”

Investigators have also proposed that the pilots themselves could have switched the plane’s communication equipment off and redirected the plane west, but officials say it would have been very difficult for them to make the plane disappear from radar. Commercial aviation pilots who spoke with NPR said shutting down the system, which is designed to automatically communicate with ground control stations, is far more complicated than throwing a single switch.

“They said you'd have to go through big checklists, you'd have to possibly pull circuit breakers if you wanted to deactivate [all the communications equipment],” NPR’s Geoff Brumfiel told “All Things Considered” host Robert Siegel. “So, to do this, you'd have to have some degree of premeditation and a lot of knowledge of the aircraft.”

Further evidence supporting the cyber hijack theory comes from the fact that Boeing had previously expressed concern over the security of the plane’s systems, and had even contacted the U.S. Federal Aviation Administration for permission to change some of the onboard equipment. In August 2017, Boeing applied to have additional security installed aboard several of its 777 series aircraft.

Boeing was concerned that the aircrafts’ inflight entertainment system, which includes USB connections, could allow hackers to access a plane’s computer. The Federal Aviation Administration granted Boeing permission to change its inflight systems five months ago.

"The integrated network configurations in the Boeing Model 777-200, -300, and -300ER series airplanes may enable increased connectivity with external network sources and will have more interconnected networks and systems, such as passenger entertainment and information services than previous airplane models,” the U.S. Federal Register stated in a Nov. 2013 report. “This may enable the exploitation of network security vulnerabilities and increased risks potentially resulting in unsafe conditions for the airplanes and occupants."

Last year, a Spanish researcher showed it was possible to hack a plane using a mobile phone. According to WTOP, during a presentation in April 2013 at the Hack-In-The-Box security summit in Amsterdam, Hugo Teso allegedly proved that with an Android smartphone, a specific “attack code” and an Android app called PlaneSploit, he could hijack both a plane’s system as well as the pilot’s display.

The FAA quickly denied Teso’s assertion that he could remotely commandeer a plane.

"The described technique cannot engage or control the aircraft's autopilot system using the FMS or prevent a pilot from overriding the autopilot," the FAA said in a statement following Teso’s demonstration. "Therefore, a hacker cannot obtain 'full control of an aircraft' as the technology consultant has claimed."

马航失联客机MH370的搜救工作仍在继续，与此同时，调查人员惊讶地发现，飞机可能是被手机甚至USB设备劫持。该理论来自一位英国反恐专家，说网络恐怖分子可能使用了一连串“代码”侵入机上的飞行娱乐系统，并渗透到安全防护软件中。

英国内政部（Home Office）前科学顾问萨利·李维斯利（Sally Leivesley）表示，一个小设备发出的无线电讯号改变了波音777飞行速度、航向和高度。在调查人员发现是有了解飞行系统运作的人故意使飞机偏离航道后，她提出了这个“网络劫机”的说法。

“这可能是世界首例网络劫机事件，”李維斯利在接受英国《周日快报》（Sunday Express）采访时说道。“我更愿意将其称之为智能飞机的雏形，由通过电子信号操控的遥控式飞机。”

李維斯利称，越来越多的证据表明，有人“以欺骗的方式”接管了飞机，远程或者就在飞机上操控着飞机系统。

她说：“似乎有一位非常通晓系统工程的人在参与此事，飞机在控制区时，可以插入一套指令和代码，发出信号启动一组进程。”

调查人员之前也曾指出，可能是飞行员人为关闭飞机通讯设备，再驾驶飞机西行，但官方回应称即使那样，也很难使飞机避开雷达监测。商业航空飞行员在接受美国国家公共电台（NPR）采访时表示，飞机系统可以自动与地面控制台取得联系，关闭系统不是像关闭一个开关那么简单。

“他们说要关闭（所有通信设备），得完成许多操作步骤，可能得拉下断路器开关。”NPR的杰夫·姆菲尔（Geoff Brumfiel）对《All Things Considered》节目主持人罗伯特·西格尔（Robert Siegel）说道。“这样的话，得事先经过一些策划，并精通飞机原理。”

此前波音公司曾表示波音飞机系统可能存在安全隐患，并向美国联邦航空管理局申请更换部分机载设备，这进一步验证了“网络劫机”的可能性。2017年8月，波音公司在其部分777型飞机上加强了安保系统。

波音公司曾担心，机上的飞行娱乐系统带有USB接口，黑客可能会趁此侵入飞机的电脑系统。5个月前，联邦航空管理局同意波音公司更换飞行系统。

美国联邦公报在2013年11月的一份报告指出，“与先前的机型相比，波音777-200, -300型飞机的整体网络配置可能会加强与外部网络源的连通性，有更多的互联网和系统，如乘客娱乐和信息服务。同时这可能产生网络安全漏洞，增加风险，导致对飞机和机内人员不利的状况。”

2013年，一位西班牙研究员指出，通过手机劫持飞机是可能的。据华盛顿WTOP电台消息，2013年4月阿姆斯特丹HITB安全峰会上的一块讲演中，雨果·特索（Hugo Teso）据称能够通过一部安卓智能手机，一串特殊的“攻击代码”，和一款PlaneSploit应用，就能侵入一架飞机的系统以及飞行员的显示器。

联邦航空管理局很快否定了特索能远程控制飞机的说法。

“特索提出的方法不能侵入或控制飞机的自动驾驶系统（采用的是飞行管理系统），也不能阻碍飞行员控制自动驾驶仪。“FAA在随后的一份声明中说道，”因此，黑客无法做到像这位技术顾问声称的‘完全控制飞机’。”