he hacks the wifi or the system on AF1 via a laser fired from a satellite and uploads the virus. My question is how do hackers hack websites and software. I've heard of DDoS attacks but how do they get into software like banks?
a) Stupid Admins leaving holes.
b) Buffer overflow vulnerability. Giant string with payload pasted into a form that's not checked properly (too much SW is done no differently to the 1970s)
c) SQL injection. A form that looks up a database.
d) Network vulnerability. Some buggy API or Service that shouldn't be exposed. (sending wrong size response when opening HTTPS session)
e) Insider information
f) A Software Trojan. A program that people download has been tampered with. In mainframe days they would send a tape with a demo of something for sale that loaded the trojan (late 1960s).
g) USB device Trojan. Send someone important inside a Keyboard, Mouse, Smart phone or PSU. This can silently install a Trojan via HID protocol. A USB stick relying on Autorun is less sure.
h) Physical access to the computer. All bets are off. No protection. BIOS and OS passwords do not protect. You take out the HDD and write to it directly. Or even fit a Memory DIMM/SIMM that, as well as working as RAM, installs a rootkit at power on. Or reflash the BIOS to load a rootkit.
DDoS doesn't get "in" or infect at all! It's simply generating so much traffic that the real users can't get access. It requires 1000s of computers. A Botnet is 1000 to 500,000 computers that have a trojan allowing remote control and using this to run a program in the background. The infected users will not notice anything.
plug in a USB drive loaded with a virus into a computer aboard AF1.
Unless "autorun" is enabled usually this won't work. Also a Flight computer may have no USB, it may not have an x86-x64 CPU. A virus or trojan has to be written for both a particular operating system AND the CPU type. Any "random" computer on AF1 will not be connected to flight system.
So you bribe someone working in the company that maintains the Flight Computer Software to install your Trojan. You bribe someone else to have essential maintenance / upgrade scheduled. People are the weak link. Almost ALL infections are not primarily due to vulnerable systems (all are), but due to poor user education, social engineering etc. Most data thefts are with the help of an inside employee.
If you presume that AF1 is connected to the internet via a military satellite link
Unless people have got really stupid lately, no command and control is connected to the Internet. Only random users' computers.
EMP
These are really really hard to generate and indiscriminately destroy electronics unpredictably. At lowest level CPUs and Memory chips fail.
Regular ICs
Discrete transistors
Valves / Tubes (the filaments/heaters burn out)
At the highest level pulse, PCB tracks, fuses and thinner wires all burn out.
The lowest level of "frying" CPUs and RAM can be achieved with backpack sized gear, but you'd have to be less than 0.5m away and the device would need external wiring to pick up the pulse. Equipment designed to cope with the plane being hit by lightning would probably have pulse filtering, transorbs, gas discharge tubes etc. on all in/out wiring and be quite immune.