FBI: Computer expert briefly made plane fly sideways

Elizabeth Weise | USA TODAY

SAN FRANCISCO — A computer security expert hacked into a plane's in-flight entertainment system and made it briefly fly sideways by telling one of the engines to go into climb mode.

Chris Roberts of One World Labs in Denver was flying on the plane at the time it turned sideways, according to an FBI search warrant filed in April.

The warrant was first publicized on Friday by APTN, a Canadian News Service.

Roberts told the FBI he had hacked into planes "15 to 20 times," according to court documents first made public Friday.

Roberts first made news in April when he was told he couldn't fly on United Airlines because of tweets he had made about whether he could hack into the flight's onboard computer settings.

The FBI search warrant describes him doing just that.

According to the document, in an interview on Feb. 13, 2015, Roberts told agents he had hacked into in-flight entertainment centers on Boeing 737s, 757s and Airbus A-320 aircraft "15 to 20 times."

The warrant describes how Roberts would wiggle and squeeze the Seat Electronic Box under his seat, which connected to the plane's in-flight entertainment system, or IFE.

He would then connect a cable to the box and connect it to his computer. From there, Roberts was able to hack into the plane's IFE system using default IDs and passwords.

He overwrote computer code for the planes' thrust management computer, which he told agents allowed him to make the plane climb on his command.

At least once, according to the document, he told one engine on a plane to climb, causing the plane to move sideways as it flew.

Roberts also used software to monitor traffic from the cockpit, according to the search warrant request.

Roberts is a well-known and respected expert on computer security. He told the FBI he was furnishing the information "because he would like the vulnerabilities fixed."

APRIL 15 POSSIBLE TAMPERING

FBI agents had spoken with Roberts several times, according to the document. They told him that accessing an airplane network without authorization was a violation of federal statues.

Roberts told them he understood and that he would not hack into any more airplanes, according to the document.

On April 15, Roberts flew United from Denver to Chicago. On the flight, he tweeted about the possibility of accessing the plane's In Flight Entertainment system.

The FBI sent an agent to inspect the flight when it arrived in Philadelphia, where it had flown after Chicago.

The agent inspected the Seat Electronic Box below seats 2A and 2B and found evidence of damage and tampering.

Roberts flew from Chicago to Syracuse, N.Y. When he arrived, FBI agents took him into custody and seized as digital evidence his computer, hard drives and other gear he had with him.

The search warrant application was for permission to search Roberts' computer gear.

Roberts has not been charged with any crimes.

Requests for comment from the FBI, United Airlines and Roberts' company produced no immediate response.