Not too long ago, the best way to gain illegal access to a vehicle was through a stolen key, a rod-and-hook, or a quick bash to the window. Now, thanks to the ever-increasing amount of highly integrated in-car technology, hackers can pop the locks on some rides with nothing but a laptop and some free time.
Two representatives of security company iSEC Partners have proved the vulnerability of cars equipped with cellular-based assistant services, such as GM’s OnStar and BMW Assist, through a method they’ve dubbed “war texting.” Essentially, the pair set up a decentralized GSM mobile network that allowed them to communicate with the vehicles’ in-car system posing as authorized servers. They had little trouble bypassing the existing security protocol and were able to operate aspects of the systems’ functionality–say, remote-unlocking the doors–using simple messages sent from a laptop.
Thankfully, the iSEC Partners team of Don Bailey and Mathew Solnik presented their findings at last week’s Black Hat USA convention in Las Vegas in order to help automakers and others recognize and address such vulnerabilities.
Read more at Gizmag.
