Part of the process of figuring out the mystery of MH370 is finding explanations for the seemingly inexplicable things that happened. Part two is trying to verify whether those explanations hold water.
Today we revisit a topic that we explored in depth back in Episode 10, “The Vulnerability,” in which we talked about an idea that Victor Iannello and I have both worked on—namely, that MH370 had an unsual vulnerability that would have allowed a sophisticated attacker on board the plane alter the data in its satellite communications system so that when investigators looked at the data later they would think the plane went south when it really went north. (If you’re interested in learning the details of the theory, I’ve posted a précis here.)
I’ve been thinking about this idea for a long time. There was even a whole episode of the Netflix documentary “MH370: The Plane That Disappeared” about it. But it’s taken this podcast to spur me to do something I wish I had done a long time ago, which is to seek out the opinion of cybersecurity professionals. From the perspective of someone whose job it is to assess potential hacking vulnerabilities, does it seem like MH370 had one?
I was able to tap the expertise of someone who really knows his stuff, Ken Munro, the founder of Pen Test Partners in the UK. As the name implies, Ken’s company specializes in penetration testing, which means that they probe a client’s computer network for vulnerabilities to see if they can get inside the system. The idea is by imagining all the ways a bad guy could hurt you, you can take steps to prevent them from happening. Though his skills are applicable in every corner of IT, Ken specializes in aviation. Recently he and his team were able to a real 747 that wasn’t being used and borrow it for a bit to test it for security vulnerabilities (and found some interesting ones).
I figured if anyone could tell whether a proposed vulnerability is plausible or not, it would be Ken.
Share this post