* Europe - Millions of vehicles may be open to hackers
-- Your car, in some sense, is only as secure as the least secure Internet-connected gadget you plug into it: Researchers proved as much last summer when they hacked a Corvette’s brakes via a cellular-enabled insurance dongle attached to the sportscar’s dashboard. Now another hacker has found that those digital accessories may have left another, bigger class of automobile vulnerable to the same sort of over-the-internet intrusion: industrial vehicles like buses, trucks, and ambulances... In a blog post published earlier this week, Spanish security researcher Jose Carlos Norte revealed that he’d used the scanning software Shodan to find thousands of publicly exposed “telematics gateway units” or TGUs, small radio-enabled devices attached to industrial vehicles’ networks to track their location, gas mileage and other data. He found that one TGU in particular, the C4Max sold by the French firm Mobile Devices, had no password protection, leaving the devices accessible to any hacker who scanned for them... That allowed Norte, the chief technology officer for the security firm EyeOS owned by the Spanish telecom Telefonica, to easily look up the location of any of hundreds or thousands of vehicles at any given moment. And Norte believes he could have gone further, though he didn’t for fear of violating the law; with a few more steps, he says, an intruder could send commands over the vehicle’s internal network—known as its CAN bus—to affect its steering, brakes or transmission... Researchers at the University of California at San Diego last summer who did develop a full CAN network attack via a different Mobile Devices’ vehicle accessory, albeit one aimed at smaller cars and trucks. The UCSD researchers were able to remotely alter that dongle’s firmware to send CAN commands to a Corvette that turned on its windshield wipers or disabled its brakes, showing the danger of those insecure, Internet-connected car gadgets...
(Getty Images) -- Wired, by ANDY GREENBERG - 10 March 16Labels: hackering cars' computers
![[Valid Atom 1.0]](valid-atom.png "Validate my Atom 1.0 feed")
0 Comments:
Post a Comment
<< Home