If you have a new car, equipped with the latest in cellular-network-based security, we’ve got bad news for you. A group of hackers has proven that they can find a vehicle’s specific location, remotely unlock it, and start it using nothing more than a simple cell-phone-initiated text message. Don Bailey and Matthew Solnik, of iSec Partners, will present their findings at next week’s Black Hat Security Conference in Las Vegas.
The pair plan to demonstrate their research at the conference, though it was unclear if they’d target a random vehicle to prove their point. Although Bailey and Solnik won’t identify which system was hacked, there’s a limited number of cellular-network-based security systems on the market today, and the most popular (by a large margin) is GM’s OnStar.
If you think you need a master’s degree in computer science from MIT to hack into a vehicle, the pair advise you to think again. In a quote from Kaspersky Lab’s ThreatPost blog, Bailey advised, “This is not technologically advanced. The fact is you can own these kinds of systems in under a couple hours.”
In defense of cellular network security, any vehicle theft would likely be temporary, since a code can be sent to disable and then locate the stolen vehicle. Would that prevent a tech-savvy teen from hacking dad's Corvette while he's away on business? Probably not.
Just in case this isn't disconcerting enough, iSec warns that the same methods can be used to hack public utilities, such as power plants and water treatment complexes. That makes the idea of having your car stolen by hackers seem downright insignificant, doesn’t it?