"Embry-Riddle Cybersecurity Student Earns Place on Boeing's Security Hall of Fame"
Kestral Carlough, a Cyber Intelligence and Security student at Embry-Riddle Aeronautical University, was recently inducted into Boeing's Security Hall of Fame for finding and reporting a security flaw in a popular flight application. Carlough began a research project under the direction of Dr. Krishna Sampigethaya, department chair and associate professor of Cyber Intelligence and Security at Embry-Riddle's Prescott Campus, to prevent air-traffic-related threats such as Denial-of-Service (DoS) attacks against portable Electronic Flight Bags (EFBs) connected to an insecure guest network. His focus on wireless network interfaces led him to discover a security flaw in a popular EFB application. He reported the vulnerability to Boeing, and as a result of his efforts, the security flaw was fixed. Carlough explained that airlines use EFBs to eliminate paper from their operations, and pilots use EFBs to monitor weather data, air traffic, and other flight-planning information. He initially focused on how to penetrate the application, which involved controlling the display of air traffic data. Carlough was able to spoof legitimate flight data and draw fictitious airplanes as tiny blue dots. This article continues to discuss Carlough's research and findings that earned him a spot on Boeing's Security Hall of Fame.