Hackers are getting more creative by the second. Is there nothing they can’t burrow into? Well with this, they can add one more thing to the list: our vehicles.
Among the cool (and maybe scary) things that are coming out of The Black Hat Technical Security Conference is a smartphone-based attack on a Subaru Outback. A couple of guys from a security firm called iSec Partners managed to unlock the vehicle and turn on its ignition using an Android phone and a “war texting” exploit. (Basically, they grabbed the password authentication sent from the server to the connected car using a GSM network they created.)
The security pros cautioned that similar exploits could be used on things like A-GPS devices, 3G security cams and SCADA sensors. That last one’s a biggie. SCADA, or Supervisory Control and Data Acquisition, is a remote data transmission system implemented across public utilities, transit, and environmental and urban control systems. That means stuff like home automation, city traffic control grids, and water and power plants could be vulnerable to this hack.
iSec Partners won’t disclose details on this exploit or identify which cars could be vulnerable until automakers get a chance to address the issue.