Patrick Ky, executive director of the European Aviation Safety Agency, warned that hackers are able to maliciously infiltrate an aircraft’s critical systems. Ky says that a consultant hired by the agency exploited weaknesses in the Aircraft Communications Addressing and Reporting System (ACARS) that is used to transmit communications between aircraft and ground stations. He says that the consultant, a professional pilot, cracked the ACARS within five minutes and the aircraft control system on the ground within a couple of days.

Research conducted by the International Civil Aviation Organization asserts that aircraft navigation and other control systems are separated from such non-critical systems as entertainment, so that the risk of hacking into critical systems is low. However, experts indicate that because ACARS uses a proprietary encoding/decoding scheme that dates from 1978, it is vulnerable.

Ky urged for the protection of next-gen air traffic systems such as the Single European Sky ATM Research (SESAR) program that relies on satellite-based communications, navigation and surveillance systems. The next major update of the program is slated to be completed in October 2016. Those in charge of the rollout acknowledge the critical nature of cybersecurity and are demanding that underlying technologies be vetted via a new risk analysis.