Virginia State Police Cars Hacked

ancientribe writes: Two models of Virginia State Police cruisers were hacked in an experiment to expose vulnerabilities in the vehicles and to come up with ways to protect the cars from hackers. Mitre Corp., the Virginia Dept. of Motor Vehicles, the University of Virginia, and other organizations in cooperation with DHS and the DOT demonstrated the attacks on an unmarked 2012 Chevrolet Impala and a marked patrol car, a 2013 Ford Taurus. GM and Ford even provided their comments to the press in the wake of the experiment.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:

[Anonymous Coward]

only because the car had no network connectivity to be hacked:

The first set of attacks by Mitre occurs via a smartphone app connected via Bluetooth to a hacking device planted in the vehicle, he says. "This car [the Impala] doesn't have Bluetooth or cellular" connectivity built in, he says, so connectivity was provided via the Mitre device.

Re:

[Harlequin80]

It's even worse than that. This is along the lines of give someone physical access to a machine and they can mess with it. They could have quite easily just poured a bag or rice into the fuel tank.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:

[davester666]

Yes.

Clickbait

[Anonymous Coward]

The title should also contain "In An Experiment".

There you go. I've saved you the trouble of even reading the summary.

A feature, not a bug?

[Anonymous Coward]

The hack required 'unrestricted access'

They plugged into the CAN bus

The news here is that things look pretty secure.

Re:

[Anonymous Coward]

Still, the experiment proves: stop connecting every damn thing to the internet. Connectivity is the opposite of security.

Re:

[theronb]

Probably not possible from the back seat with handcuffs?

Re:

[LaurenCates]

Maybe not, but on a crime scene by someone who claims to be an officer and is wearing a uniform? Far more likely.

People around here are discounting social engineering.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:

[R3d M3rcury]

The next question is, how difficult is it to get unrestricted access to a police car? How about an entire police force's patrol cars?

Re:

[PTBarnum]

It should only take a few seconds of access to plug something into the CAN bus. I'm going to guess that whatever security protocols the police follow, there are times when someone forgets or doesn't have time to lock thier car.

the Po-Po endure unrestricted access

[turkeydance]

without a warrant.

Is this even Realistic?

[Anonymous Coward]

If it takes so many high caliber research orgs to hack the car, and if they have to have unfettered physical access to it, along with weeks of time to reverse engineer the systems, find exploits, and develop attack software, is it really a vulnerability?

Re:

[LaurenCates]

Well, maybe it's a movie myth, but suppose those research orgs aren't the best and brightest and some rogue actor can accomplish the same task in a fraction of the time?

does hacking a police car beat

[ozduo]

chaining its rear axle to a post? Perhaps!

The Police Shouldn't Be That Worried...

[damn_registrars]

If the Impala is being hacked, it should be rental car companies worrying about this. The Impala is one of the most common rental cars out there, and do car rental companies check the engine bay and OBD II ports when cars come back in? I doubt it. If someone did something nefarious to a rental car (or several over time) it could be a big problem for the agency.

Re:

[adolf]

No.

First, this is a complete non-story: Anyone with unfettered physical access to a motor vehicle (or any other machine) can do all kinds of nefarious things to it, whether digital or not. This fact is not news.

Second, the rental car companies have an excellent log of who has rented which vehicle. This should come as a surprise to nobody.

Third, the next renter is random (as far as an attacker knows), so it's impossible to target to an individual. Therefore, the only result could be pseudo-random chaos.

A

Re:

[Anonymous Coward]

No.

First, this is a complete non-story: Anyone with unfettered physical access to a motor vehicle (or any other machine) can do all kinds of nefarious things to it, whether digital or not. This fact is not news.

Second, the rental car companies have an excellent log of who has rented which vehicle. This should come as a surprise to nobody.

Third, the next renter is random (as far as an attacker knows), so it's impossible to target to an individual. Therefore, the only result could be pseudo-random chaos.

And an attacker seeking random-ish chaos would do better to attack cars in detached garages in noisy neighborhoods, because at least that doesn't leave a paper trail.

Just sayin'.

Dude, don't overestimate malicious idiots. One of the bombers in the first World Trade Center bombing in 1993 went back to the Ryder truck rental company office and tried to get his deposit back on the fucking truck that he blew up.

Re:

[hink]

So they have a record of who has rented the car. So it could be one of 50 people in the last 3 months at a busy tourist location. If 50 cars were tampered with and remote controlled, will the police be able to track back through all of those people? Obviously, the bad guys would need to use a different person/identity each time they rent a car. OR, even easier, they could compromise some of the minimum wage car cleaners, and have them connect the devices on every other car they work on. Or their manager tel

MOD PARENT UP

[damn_registrars]

This is what I was trying to get to in my post. Apparently I was not sufficiently verbose (or imaginative).

Re:

[adolf]

Sure, those things are possible.

But large-scale tampering of rental vehicles, even with a lengthy delay, could have been done for as long as we've had rental vehicles available.

Nobody is going to look for a mechanical timer with small explosive device that is on the firewall behind the engine on a rental car, ready to sever brake lines. It'd be a nasty one, too: The more the driver pumped the brake pedal trying to stop, the bigger the fire would get.

But nobody's doing that.

That cars are digitally hackable

Re:

[megabeck42]

While your scenario is entirely plausible; why would anyone spend money to 'hack' a rental car? They wouldn't be able to predict who will drive it next or even when. I mean, sure, teenagers will shoplift spraypaint to tag up the local underpass; but with regards to this, the talented have better things to do and sophomoric aren't renting cars.

Personally, I'd worry about this less than I worry about skin cancer.

P.S. That being said, I will admit I bought a more expensive bluetooth OBD-II adapter to use in my

Re:

[Fnord666]

P.S. That being said, I will admit I bought a more expensive bluetooth OBD-II adapter to use in my explorer that requires a physical button press to pair. Cheaper adapters are generally discoverable when not connected to a host and used a generic 0000 or 1234 pin. I leave the adapter plugged in all the time because there's an old android tablet between the seats that logs OBD-II PIDs while I'm driving and auto-uploads them when I'm in my driveway.

Very interesting. What do you do with the data?

Jesus Fucking Christ!

[Anonymous Coward]

A Bluetooth ODBII adapter is NOT a fucking hack! You are issuing commands on the CAN bus and the car is responding to those commands as designed. The car is intentionally designed to lock the doors, when the LOCK DOORS command is issued on the CAN bus.

This story of utter bullshit. Mitre Co. should be ashamed of themselves! Dark Reading and Slashdot should be ashamed of themselves for even mentioning this story. It is utter crap!

Up next, "Using nothing but the car's key, hackers unlock the door!"

Re:

[Coren22]

ODBII and CANBUS are two different buses. Perhaps you should read more about the subject?