An interesting article by By Heather Kelly on CNN.com:
(CNN) — If something can connect to a network, it can be hacked. Computers and phones are still popular targets, but increasingly so are cars, home security systems, TVs and even oil refineries.
That was the message at this year’s Black Hat and DefCon computer security conferences, which took place last week in Las Vegas. The annual conferences draw a mix of computer researchers and hackers who present the latest bugs and vulnerabilities they’ve discovered. It’s a combination of public service, business and sport.
These are some of the more popular targets covered at this year’s conferences. By drawing attention to them, the “white-hat” hackers hope to encourage greater security from the various manufacturers and industries, and more vigilance from consumers.
Typically, the presenters inform manufacturers of bugs ahead of their talks so the companies can fix the issues before they are exploited by criminals.
Someone hacking your computer can be an inconvenience. Someone hacking your car can be deadly.
A pair of presentations on hacking cars kicked off the DefCon conference on Friday. Australian hacker Zoz outlined the security issues fully autonomous cars will face and said car-hacking is inevitable.
Autonomous vehicles like cars and drones are essentially robots, and they rely on sensors to operate. He said a hacker could theoretically take complete control of a car over wireless networks or trick its various sensors into feeding a motorist false information about location, speed and the proximity of other cars or objects.
Fully driverless cars are still a few years away, but computerized systems are common in vehicles on the road today. Electronic control units can control a range of car functions, including braking, accelerating and steering. They manage security features, in-car displays and even seat belts.
Researchers Charlie Miller and Chris Valasek, funded by a grant from the U.S. military’s DARPA, looked into what kind of damage hackers could do to a car by taking control of a Toyota Prius and a Ford Escape.
To access the systems, they had to physically connect a computer to the cars through a diagnostics port. They wrote custom software that let them hijack the cars’ systems.
Once in control, they disabled brakes, changed the display to show incorrect speed or gas levels, and messed with the steering and seat belts. They were able to kill the engine and toy with with less consequential features like the car’s horn and lights.
Toyota played down the wired demonstration and said it is focusing on security measures to prevent wireless attacks.
Read the rest here.