高科技成了偷车贼的帮凶
Car alarms being by hackers and thieves to open the doors of some new cars. Computer hackers can force some cars to unlock their doors and start their engines without a key, by sending specially crafted messages to a vehicle's anti-theft system.
Text messages are a powerful means of attack because the devices that receive them generally cannot refuse texts and the commands encoded in them. Users can't block texts; only operators of the phone networks can.
Devices such as alarm systems are assigned phone numbers just like fax machines. If you can find the secret phone number attached to a particular device, you can owecgobe it by sending your own commands through text messaging.
Computer security consultants Don Bailey and Mathew Solnik have conducted research into the vulnerabilities of car security. They are working as hackers to try and break into this car.
With a laptop perched on the bonnet, they have sent the car's alarm system commands to unlock the doors and start the engine. Solnik says they cannot give specific details on how they do it.
"By connecting our laptops to the GSM network part of which is called the M2M, machine to machine network, we are able to communicate with devices that are on the cellular network."
It shows how vulnerable cars can be to technology-savvy thieves. Solnik says they can issue all sorts of instructions to the vehicle.
"By doing that, we connect to your car, send it certain commands and those commands include 'unlock', 'start'. Just about anything we'd like to do we can do to your car."
This is possible because car alarms, GPS systems and other devices are increasingly connected to cellular telephone networks and thus can receive commands through text messaging.
That capability allows owners to change settings on devices remotely, but it also gives hackers a way in. As well as hacking into the car security system they can also access the vehicle's GPS system, which could be used by stalkers or burglars.
Bailey and Solnik's research shows that such attacks are possible on a variety of other devices that use wireless communications chips. Those include ATMs, medical devices and even traffic lights. Hackers have already sent specially crafted texts with commands to instantly disconnect iPhones from the cellular network.
Manager of Custom Car Alarms R.D. Sam says only certain alarm systems are affected.
"Basic stand-alone systems don't have any communication as far as cell phone but they can be armed and disarmed by remote control. We did a customer's car at the airport and her car was parked there, she had an alarm. The two cars on the left side of her got broken into and the two cars on the right side got broken into but her car didn't get touched. And there's a reason why, it wasn't an easy target."
According to the Cyber Consequences Unit, a group that studies hacking threats, the research findings aren't just about taking off with someone else's car or finding out where that person has been. It also raises the possibility of other dangers, such as those potentially affecting braking and acceleration.
Computer security consultant Don Bailey says there are things people can do to make sure they are protected.
"Talk to the person that you buy your car from or the person that designed your security model and make sure that they are aware of these issues and ask, 'what are you doing to protect me, the consumer, from these types of threats?'"
E-computer security consultants are already working with car and car alarm makers to ensure their systems are safe.
For CRI, I am Li Dong.
- 上一篇
- 下一篇