Since 9/11, the Federal Aviation Administration has implemented many air security protocols with varying degrees of success—we examined the agency’s work in general here.
There’s one FAA initiative, however, that still troubles some security experts: the increased use of cell phones on planes.
The agency initially banned passengers from using cell phones on board aircraft after 9/11, fearing the devices posed a cybersecurity threat and could interfere with aircraft navigation.
But the FAA relaxed those standards in recent years, allowing customers to now use cell phones, e-readers and tablets provided the devices are in airplane mode. Broadband companies seized on this opportunity (the most well-known is Gogo, which has worked with airlines since 2008) and consumers were thrilled that they could stay connected (Louis C.K. raved about airplane Wi-Fi on Late Night with Conan O’Brien).
When the FAA announced its most recent Wi-Fi expansion of cell phone service in 2013, Transportation Secretary Anthony Foxx said the decision was made because of “consumers’ increasing desire to use their electronic devices during all phases of their flights.”
As the Observer has previously reported, however, most in-flight wi-fi networks (including Gogo) lack strong encryption, compromising users’ security and exposing them to cyberattacks.
When we asked our panel of security experts about this issue, some downplayed the risks—Kenneth Button, a professor of transportation policy at George Mason University, pointed out that cyberattackers are more likely to carry out operations remotely, while Ty Osbaugh, principal of aviation at architecture firm Gensler, asserted that a new ban wouldn’t do any good.
“If I’m intent on causing that level of chaos in the air, I’m going to ignore the warnings and do it anyway,” Osbaugh said. “That won’t stop a threat.”
Richard Blech, founder and CEO of the cybersecurity firm Secure Channels, rejected this view, however—he said that giving passengers extra layers of protection was more important than letting them read email at 30,000 feet.
“It’s a huge convenience to travelers, but the security risk is far too great,” he said. “That may sound like a pretty draconian approach, but that’s the world we’re living in.”
Particularly worrisome is the fact that passengers have access to private messaging services like WhatsApp and Viber, along with more common social networks like Facebook—any of these can be used to communicate with someone on the ground and get the go-ahead to attack.
“There’s a chance for an incident because you’ve got live, real time communication,” Blech said. “We can’t make changes after an event as a reaction to something that could’ve been prevented. We have to think about it now. The more exposed we are, the more incidents could occur.”