Skip to main content

Advertisement

Advertisement

Researcher denied flight after tweet poking United security

WASHINGTON — United Airlines stopped a prominent security researcher from boarding a California-bound flight yesterday (April 19), following a social media post by the researcher days earlier suggesting the airline’s on-board systems could be hacked.

United Airlines disallowed Mr Chris Roberts from boarding his flight due to his post on Twitter regarding the airline's systems. Photo: Reuters

United Airlines disallowed Mr Chris Roberts from boarding his flight due to his post on Twitter regarding the airline's systems. Photo: Reuters

Follow TODAY on WhatsApp

WASHINGTON — United Airlines stopped a prominent security researcher from boarding a California-bound flight yesterday (April 19), following a social media post by the researcher days earlier suggesting the airline’s on-board systems could be hacked.

The researcher, Mr Chris Roberts, attempted to board a United flight from Colorado to San Francisco to speak at a major security conference there this week, but was stopped by the airline’s corporate security at the gate. Mr Roberts founded One World Labs, which tries to discover security risks before they are exploited.

Mr Roberts had been removed from an earlier United flight on Wednesday by the Federal Bureau of Investigation (FBI) after landing in Syracuse, New York, and was questioned for four hours after jokingly suggesting on Twitter he could get the oxygen masks on the plane to deploy. Authorities also seized Mr Roberts’ laptop and other electronics, although his lawyer says he has not seen a search warrant.

A lawyer for Mr Roberts said United gave him no detailed explanation on Saturday why he was not allowed on the plane, saying instead the airline would be sending Mr Roberts a letter within two weeks stating why they would not let him fly on their aircraft.

“Given Mr Roberts’ claims regarding manipulating aircraft systems, we’ve decided it’s in the best interest of our customers and crew members that he not be allowed to fly United,” airline spokesman Rahsaan Johnson told The Associated Press. “However, we are confident our flight control systems could not be accessed through techniques he described.”

When asked what threat Mr Roberts posed if United’s systems could not be compromised, Mr Johnson said yesterday: “We made this decision because Mr Roberts has made comments about having tampered with aircraft equipment, which is a violation of United policy and something customers and crews shouldn’t have to deal with.”

Mr Johnson said the airline reached Mr Roberts several hours before his flight to tell him he could not fly. But a lawyer for Mr Roberts said Sunday that when his client received that call, the caller would only say he or she was from United, and would not give Roberts a name or callback number. When Roberts then tried calling the number back from his phone’s caller ID, it rang instead to a resort hotel, and Mr Roberts assumed it was a prank call, Mr Roberts’ lawyer said.

In recent weeks, Mr Roberts gave media interviews in which he discussed airline system vulnerabilities. “Quite simply put, we can theorise on how to turn the engines off at 35,000 feet and not have any of those damn flashing lights go off in the cockpit,’’ he told Fox News.

Mr Roberts also told CNN he was able to connect to a box under his seat at least a dozen times to view data from the aircraft’s engines, fuel and flight-management systems.

“It is disappointing that United refused to allow him to board, and we hope that United learns that computer security researchers are a vital ally, not a threat,” said Mr Nate Cardozo, a staff attorney with the San Francisco-based Electronic Frontier Foundation, which represents Mr Roberts.

Mr Cardozo said yesterday he has not seen a copy of a search warrant that would have been used to seize Mr Roberts’ electronics, and that he is working to get the devices returned.

The FBI declined to comment yesterday. An FBI spokesman did not return multiple emails seeking comment about the matter.

The Government Accountability Office said last week that some commercial aircraft may be vulnerable to hacking over their on-board wireless networks. “Modern aircraft are increasingly connected to the Internet. This interconnectedness can potentially provide unauthorised remote access to aircraft avionics systems,’’ its report found.

Mr Roberts took an alternate flight on Southwest Airlines and arrived in San Francisco on Saturday evening. He speaks this week at the RSA Conference about computer security vulnerabilities. AP

Read more of the latest in

Advertisement

Advertisement

Stay in the know. Anytime. Anywhere.

Subscribe to get daily news updates, insights and must reads delivered straight to your inbox.

By clicking subscribe, I agree for my personal data to be used to send me TODAY newsletters, promotional offers and for research and analysis.