Hackers unlock and start Subaru Outback

By

Hack took two hours to set up.

Two researchers demonstrated Wednesday how they were able to send commands, via a laptop, to unlock the doors of a Subaru Outback, and then, awing the audience, actually start the car.

Hackers unlock and start Subaru Outback

The researchers, Don Bailey and Matthew Solnik, security consultants at iSec Partners and speaking at the Black Hat conference in Las Vegas, used a technique they have dubbed “war texting” to tap into a system used to remotely control the cars.

The researchers did not disclose the name of the affected system to give its manufacturer time to fix the issue.

In the presentation, titled “War Texting: Identifying and Interacting with Devices on the Telephone Network,” Bailey said that in addition to vehicles, many other GPS-tracking devices, 3G security cameras, urban traffic control systems, SCADA sensors and home controls and systems are also telephony-enabled and, as a result, susceptible to attack.

Such systems often receive firmware updates and other messages over the Global System for Mobile Communications (GSM) telephone network in the form of SMS messages, Bailey said. It is their reliance on the GSM network that makes such systems vulnerable to reverse engineering and abuse.

“Technology is a good thing for us," he said. "We can't be overly paranoid about what we're doing. But at the same time, history has shown us it's not always a good idea.”

Bailey said it took just two hours for him and Solnik to set up their own private GSM network, then figure out how to directly communicate with the in-car system by posing as an authorized server.

An attacker could easily locate other vulnerable systems on the global telephone network, he added. Once these platforms are identified, attackers can intercept the messages sent to and from such systems, then send their own messages commanding the system to send back its location or other data.

Bailey also has successfully used such techniques to compromise the consumer GPS-tracking device Zoombak, he said.

This article originally appeared at scmagazineus.com

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:
black hatsecurity

Sponsored Whitepapers

Modern Identity for SAP and Beyond: Replace SAP IDM with Saviynt
Modern Identity for SAP and Beyond: Replace SAP IDM with Saviynt
Saviynt Simplifies GRC and Access Control for SAP and Beyond
Saviynt Simplifies GRC and Access Control for SAP and Beyond
Futureproof Your Business with Datacom and AMD: Seamless Windows 11 Transition
Futureproof Your Business with Datacom and AMD: Seamless Windows 11 Transition
See everything. Do more.
See everything. Do more.
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra

Events

Most Read Articles

Australia's super funds told to assess authentication controls

Australia's super funds told to assess authentication controls
Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound
Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies
The Northern Beaches Women's Shelter hones focus on tech-enabled abuse

The Northern Beaches Women's Shelter hones focus on tech-enabled abuse
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?