Users watch in-flight entertainment systems. IOActive has not yet announced which airline carriers' in-flight systems it found were vulnerable. Photo: Smith Collection/Gado via Getty Images.

Multiple deployed satellite communications (SATCOM) products have security flaws, according to IOActive researcher Ruben Santamarta, who will present research in the field Wednesday at the cybersecurity conference Black Hat.

The systems are used in everything from airplane in-flight WiFi and entertainment systems to communications on ships. Santamarta found vulnerable systems in both.

"We are talking about major airlines and fleets."
— Santamartato to Axios

Why it matters: Hacking an in-flight WiFi system can't crash a plane — that's a different system. But think about the damage a hacker could cause to an airline by sending an alert to in-flight entertainment systems to prepare for a crash landing.

What was discovered: While IOActive had presented on security problems in device software, it hadn't previously checked the prevalence of the flaws in the real world.

  • "In 2014, those scenarios were theoretical. After four years, we’ve proved they are real," Santamarta told Axios.
  • Santamarta also discovered ways a hacked system could be weaponized to exert harmful radio frequency broadcasts.
  • The 2014 presentation found a bevy of problems in SATCOM, including flawed protocols, poor encryption and hard coded passwords.

Who it effects: IOActive found accessible systems in NATO conflict zones, where SATCOM is used for sending communications to a remote region.

  • Those systems include at least one major airline carrier being kept secret until the presentation.
  • The firm found some systems at sea that had been infected in malware, although it was unclear whether that was a targeted attack.

Go deeper

Updated 25 mins ago - Politics & Policy

Ohio Gov. Mike DeWine tests negative for coronavirus after positive result

Photo: Justin Merriman/Getty Images

Ohio Gov. Mike DeWine (R) tested negative for the coronavirus after initially testing positive earlier Thursday, his office announced.

Why it matters: 73-year-old DeWine was set to meet President Trump Thursday on the tarmac at an airport in Cleveland and was tested as part of standard protocol.

Updated 35 mins ago - Politics & Policy

Coronavirus dashboard

Illustration: Eniola Odetunde/Axios

  1. Global: Total confirmed cases as of 9:30 p.m. ET: 18,996,008 — Total deaths: 712,476— Total recoveries — 11,478,835Map.
  2. U.S.: Total confirmed cases as of 9:30 p.m. ET: 4,877,115 — Total deaths: 159,990 — Total recoveries: 1,598,624 — Total tests: 59,652,675Map.
  3. Politics: Pelosi rips GOP over stimulus negotiations: "Perhaps you mistook them for somebody who gives a damn" — Ohio Gov. Mike DeWine tests positive.
  4. Public health: Majority of Americans say states reopened too quicklyFauci says task force will examine aerosolized spread Study finds COVID-19 antibodies prevalent in NYC health care workers.
  5. Business: The health care sector imploded in Q2More farmers are declaring bankruptcyJuly's jobs report could be an inflection point for the recovery.
  6. Sports: Where college football's biggest conferences stand on playing.

Trump issues order banning TikTok if not sold within 45 days

Illustration: Aïda Amer/Axios

Americans and U.S. companies will be banned from making transactions with ByteDance, the Chinese owner of TikTok, in 45 days, according to a new executive order President Trump issued Thursday evening.

The big picture: Last week Trump announced his intention to ban TikTok but said he'd leave a 45-day period for Microsoft or other U.S.-based suitors to try to close a deal to acquire the popular video-sharing app.