Virginia State Police Cars Hacked

← Back to Stories (view on slashdot.org)

Virginia State Police Cars Hacked

Posted by samzenpus on Wednesday September 30, 2015 @10:21AM from the breaking-in dept.

ancientribe writes: Two models of Virginia State Police cruisers were hacked in an experiment to expose vulnerabilities in the vehicles and to come up with ways to protect the cars from hackers. Mitre Corp., the Virginia Dept. of Motor Vehicles, the University of Virginia, and other organizations in cooperation with DHS and the DOT demonstrated the attacks on an unmarked 2012 Chevrolet Impala and a marked patrol car, a 2013 Ford Taurus. GM and Ford even provided their comments to the press in the wake of the experiment.

26 of 40 comments (clear)

Min score:

Reason:

Sort:

Literally nothing new by ArylAkamov · 2015-09-30 10:26 · Score: 4, Insightful

"The hacks of the VSP cruisers require initial physical tampering of the vehicle as well. The researchers inserted rogue devices in the two police vehicles to basically reprogram some of the car's electronic operations, or to wage the attacks via mobile devices, which they demonstrated."
Give physical access to a computer system and it can be compromised?
What a shock.
1. Re:Literally nothing new by Anonymous Coward · 2015-09-30 10:45 · Score: 1
  
  only because the car had no network connectivity to be hacked:
  
  The first set of attacks by Mitre occurs via a smartphone app connected via Bluetooth to a hacking device planted in the vehicle, he says. "This car [the Impala] doesn't have Bluetooth or cellular" connectivity built in, he says, so connectivity was provided via the Mitre device.
2. Re:Literally nothing new by Harlequin80 · 2015-09-30 10:53 · Score: 2
  
  It's even worse than that. This is along the lines of give someone physical access to a machine and they can mess with it. They could have quite easily just poured a bag or rice into the fuel tank.
3. Re:Literally nothing new by ArylAkamov · 2015-09-30 11:22 · Score: 4, Informative
  
  Pretty much. I'm betting they just plugged into the CAN bus.
  About as newsworthy as "ARDUINO HACKED BY USING ISCP PINS AND AVR PROGRAMMER"
Clickbait by Anonymous Coward · 2015-09-30 10:26 · Score: 5, Informative

The title should also contain "In An Experiment".
There you go. I've saved you the trouble of even reading the summary.
A feature, not a bug? by Anonymous Coward · 2015-09-30 10:30 · Score: 3, Insightful

The hack required 'unrestricted access'
They plugged into the CAN bus
The news here is that things look pretty secure.
1. Re:A feature, not a bug? by Anonymous Coward · 2015-09-30 10:41 · Score: 1
  
  Still, the experiment proves: stop connecting every damn thing to the internet. Connectivity is the opposite of security.
2. Re:A feature, not a bug? by theronb · 2015-09-30 10:47 · Score: 2
  
  Probably not possible from the back seat with handcuffs?
3. Re:A feature, not a bug? by ArylAkamov · 2015-09-30 11:27 · Score: 3, Insightful
  
  Agreed, probably just plugged a laptop into the CAN bus and reprogrammed the ecu.
  Should be titled "Car ECU reprogrammed using programming port"
4. Re:A feature, not a bug? by R3d+M3rcury · 2015-09-30 13:09 · Score: 1
  
  The next question is, how difficult is it to get unrestricted access to a police car? How about an entire police force's patrol cars?
5. Re:A feature, not a bug? by PTBarnum · 2015-09-30 16:04 · Score: 2
  
  It should only take a few seconds of access to plug something into the CAN bus. I'm going to guess that whatever security protocols the police follow, there are times when someone forgets or doesn't have time to lock thier car.
6. Re:A feature, not a bug? by LaurenCates · 2015-10-01 03:46 · Score: 1
  
  Maybe not, but on a crime scene by someone who claims to be an officer and is wearing a uniform? Far more likely.
  People around here are discounting social engineering.
  
  --
  Some people don't believe in fairies. I don't believe in The Patriarchy.
Is this even Realistic? by Anonymous Coward · 2015-09-30 10:46 · Score: 1

If it takes so many high caliber research orgs to hack the car, and if they have to have unfettered physical access to it, along with weeks of time to reverse engineer the systems, find exploits, and develop attack software, is it really a vulnerability?
1. Re:Is this even Realistic? by LaurenCates · 2015-10-01 03:49 · Score: 1
  
  Well, maybe it's a movie myth, but suppose those research orgs aren't the best and brightest and some rogue actor can accomplish the same task in a fraction of the time?
  
  --
  Some people don't believe in fairies. I don't believe in The Patriarchy.
does hacking a police car beat by ozduo · 2015-09-30 10:47 · Score: 5, Funny

chaining its rear axle to a post? Perhaps!

--
I got to the chocolate box before you, that's why the hard ones have teeth marks.
The Police Shouldn't Be That Worried... by damn_registrars · 2015-09-30 13:24 · Score: 5, Insightful

If the Impala is being hacked, it should be rental car companies worrying about this. The Impala is one of the most common rental cars out there, and do car rental companies check the engine bay and OBD II ports when cars come back in? I doubt it. If someone did something nefarious to a rental car (or several over time) it could be a big problem for the agency.

--
Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
1. Re:The Police Shouldn't Be That Worried... by adolf · 2015-09-30 18:51 · Score: 2
  
  No.
  First, this is a complete non-story: Anyone with unfettered physical access to a motor vehicle (or any other machine) can do all kinds of nefarious things to it, whether digital or not. This fact is not news.
  Second, the rental car companies have an excellent log of who has rented which vehicle. This should come as a surprise to nobody.
  Third, the next renter is random (as far as an attacker knows), so it's impossible to target to an individual. Therefore, the only result could be pseudo-random chaos.
  And an attacker seeking random-ish chaos would do better to attack cars in detached garages in noisy neighborhoods, because at least that doesn't leave a paper trail.
  Just sayin'.
  
  --
  Kid-proof tablet..
2. Re:The Police Shouldn't Be That Worried... by Anonymous Coward · 2015-09-30 23:22 · Score: 1
  
  No.
  First, this is a complete non-story: Anyone with unfettered physical access to a motor vehicle (or any other machine) can do all kinds of nefarious things to it, whether digital or not. This fact is not news.
  Second, the rental car companies have an excellent log of who has rented which vehicle. This should come as a surprise to nobody.
  Third, the next renter is random (as far as an attacker knows), so it's impossible to target to an individual. Therefore, the only result could be pseudo-random chaos.
  And an attacker seeking random-ish chaos would do better to attack cars in detached garages in noisy neighborhoods, because at least that doesn't leave a paper trail.
  Just sayin'.
  Dude, don't overestimate malicious idiots. One of the bombers in the first World Trade Center bombing in 1993 went back to the Ryder truck rental company office and tried to get his deposit back on the fucking truck that he blew up.
3. Re:The Police Shouldn't Be That Worried... by megabeck42 · 2015-09-30 23:34 · Score: 1
  
  While your scenario is entirely plausible; why would anyone spend money to 'hack' a rental car? They wouldn't be able to predict who will drive it next or even when. I mean, sure, teenagers will shoplift spraypaint to tag up the local underpass; but with regards to this, the talented have better things to do and sophomoric aren't renting cars.
  Personally, I'd worry about this less than I worry about skin cancer.
  P.S. That being said, I will admit I bought a more expensive bluetooth OBD-II adapter to use in my explorer that requires a physical button press to pair. Cheaper adapters are generally discoverable when not connected to a host and used a generic 0000 or 1234 pin. I leave the adapter plugged in all the time because there's an old android tablet between the seats that logs OBD-II PIDs while I'm driving and auto-uploads them when I'm in my driveway.
  
  --
  fnord.
4. Re:The Police Shouldn't Be That Worried... by Fnord666 · 2015-10-01 02:02 · Score: 1
  
  P.S. That being said, I will admit I bought a more expensive bluetooth OBD-II adapter to use in my explorer that requires a physical button press to pair. Cheaper adapters are generally discoverable when not connected to a host and used a generic 0000 or 1234 pin. I leave the adapter plugged in all the time because there's an old android tablet between the seats that logs OBD-II PIDs while I'm driving and auto-uploads them when I'm in my driveway.
  Very interesting. What do you do with the data?
  
  --
  'The tyrant will always find pretext for his tyranny.' - Aesop's Fables
5. Re:The Police Shouldn't Be That Worried... by hink · 2015-10-01 03:49 · Score: 1
  
  So they have a record of who has rented the car. So it could be one of 50 people in the last 3 months at a busy tourist location. If 50 cars were tampered with and remote controlled, will the police be able to track back through all of those people? Obviously, the bad guys would need to use a different person/identity each time they rent a car. OR, even easier, they could compromise some of the minimum wage car cleaners, and have them connect the devices on every other car they work on. Or their manager tells them they need to. Or their manager gets a phishing email from corporate HQ and a crate full of CAN dongles.
  
  Next, you create a bunch of Arduino-based devices with Bluetooth adapters (cheap if you go through Chinese suppliers) that send out "Throttle to 100%" commands continuously. Sprinkle them throughout the planters and harmless decorations around parking lots. Stick them to the bottom of the numerous parking lot trams. On the side of the parking lot attendants hut. Have them all start broadcasting a week later.
  
  You are not thinking at a big enough scale. What if 5% of the rental cars in Orlando Florida went haywire during a two day period? Would that cause chaos? Almost sounds like a terrorist attack. Yes, it could be fixed and prevented. Yes, you might not kill many people. But in the mean time, Team Badguys publically announces they did it, and have the means to do it in another city. THEN the FEAR makes people act stupid and give in, or pass laws that remove liberties. I seem to remember that happening around 14 years ago.
  
  --
  - speaking only for myself, as always
6. Re:The Police Shouldn't Be That Worried... by adolf · 2015-10-02 19:29 · Score: 1
  
  Sure, those things are possible.
  But large-scale tampering of rental vehicles, even with a lengthy delay, could have been done for as long as we've had rental vehicles available.
  Nobody is going to look for a mechanical timer with small explosive device that is on the firewall behind the engine on a rental car, ready to sever brake lines. It'd be a nasty one, too: The more the driver pumped the brake pedal trying to stop, the bigger the fire would get.
  But nobody's doing that.
  That cars are digitally hackable instead of being purely mechanically hackable does not make them more of a target. The whole thing reeks of the current patent debacle, wherein patents are issues for routine and mundane things which are now somehow novel because it is done "with a computer."
  Meanwhile, the hacks in TFA aren't even nefarious. They describe things like locking and unlocking doors, or remotely-starting an engine. Gosh, this is the same "hack" I have on my own car courtesy of the remote starter that I put in 7 years ago: All I have to do is add cell phone connectivity, and I can be in the news, too!
  (Remotely stop engine, roll up windows, disable power, and double-lock the doors so there's no easy escape? Easy-peasy, even on my 20-year old car. It just takes a bit of wiring that nobody is ever going to check beforehand.)
  
  --
  Kid-proof tablet..
Re:Were these cars running systemd? by davester666 · 2015-09-30 13:42 · Score: 2

Yes.

--
Sleep your way to a whiter smile...date a dentist!
Jesus Fucking Christ! by Anonymous Coward · 2015-10-01 00:20 · Score: 1

A Bluetooth ODBII adapter is NOT a fucking hack! You are issuing commands on the CAN bus and the car is responding to those commands as designed. The car is intentionally designed to lock the doors, when the LOCK DOORS command is issued on the CAN bus.
This story of utter bullshit. Mitre Co. should be ashamed of themselves! Dark Reading and Slashdot should be ashamed of themselves for even mentioning this story. It is utter crap!
Up next, "Using nothing but the car's key, hackers unlock the door!"
1. Re:Jesus Fucking Christ! by Coren22 · 2015-10-01 04:10 · Score: 1
  
  ODBII and CANBUS are two different buses. Perhaps you should read more about the subject?
  
  --
  APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
MOD PARENT UP by damn_registrars · 2015-10-01 07:22 · Score: 1

This is what I was trying to get to in my post. Apparently I was not sufficiently verbose (or imaginative).

--
Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.