Two of the world's largest manufacturers of smart bilalarmer have had to recognise the fact that their products probably not quite as safe as they thought.
In each case, the managed professional hackers from the british it firm Pen Test Partners to break into alarm systems from manufacturers Viper and Pandora and on the way to take control of the vehicles they were installed on.
According to Pen Test Partners should sikkerhedsbristerne make up to 3 million. cars vulnerable to attack. The hackers got remote access to lock the cars up, stop the engine when the would and in one case to listen to what was said in the driver's compartment.
- The security implications are very worrying. How many accidents with hurtigtkørende cars could be performed by malicious individuals?, ask the it-cyber-rhetorical on its website.
It all began when Pen Test Partners – a company that lives to make so-called 'penetrationtests' for other companies where they are looking for vulnerabilities in software fell over a may be right legally cocky assertion on a website.
- One of the alarmfirmaerne, Pandora, advertised to be impossible to hack. It is really unwise, write Pen Test Partners on its website.
In hackerkredse there is hardly anything more attractive than a company that claims that they can't be hacked. Therefore, they began immediately to take to Pandora's systems and bought alarms for over 30,000 dollars to test them.
- We found the errors before we installed the alarms, but would buy them and install them in our cars, in order to be able to prove the concept fully, write Pen Test Partners.
having documented the errors thoroughly did the hackers quickly both alarmfirmaer aware of the vulnerabilities. Within a few days had the holes patched and the systems are once again secure.
Nonetheless, the professional hackers that firms have dummet themselves thoroughly. Modern cars are a golden target for criminals, and therefore must go out from, to the british it professionals hardly are the only ones who have put the effort in of breaking them.
Why is it not to know to what extent it has succeeded in other to break through the systems.