At the Black Hat hacker conference next week, a pair of hackers will demonstrate how to open a locked car using SMS text messages. According to the hackers, many devices connected to mobile networks are not well protected against attacks and could lead to widespread security problems.
Other devices and peripherals, such as energy meters and even public water systems may in theory be accessed over phone networks says Don Bailey, a security researcher for iSec Partners, a US based information security and computer forensics consulting firm. Bailey will speak next week at the Black Hat USA 2011 conference in Las Vegas.
According to Bailey and fellow researcher Mathew Solnik, they have successfully reverse engineered the communication protocols in software that is used to control car functions remotely. One of the better-known brands of this type of software is General Motor’s OnStar system, though the hackers are not saying which car systems they have been able to exploit. Mercedes and BMW use similar mobile systems. Intercepting messages sent from the car via a laptop allows them to issue their own commands such as turn off the alarm, unlock the doors or turn the engine on. The pair says it only took them two hours to figure out how to access the system.
Bailey will demo but not unveil the exact details of how the hack works at next week’s conference. The researchers claim hacking public utilities using similar methods is very possible and will be a topic of discussion.
The Black Hat Conference is a computer security convention that brings together security professionals and hackers to discuss the state of information security. The event is held once a year in different locations around the world, this year’s conference will be held in the US in Las Vegas Nevada on August 3rd and 4th.
Per http://www.blackhat.com/html/about.html – “From its inception in 1997, Black Hat has grown from a single annual conference in Las Vegas to a global conference series with annual events in Abu Dhabi, Barcelona, Las Vegas and Washington DC. It has also become a premiere venue for elite security researchers and the best security trainers to find their audience.”
Certainly interesting, but your last sentence saying Black Hat is held once a year is incorrect. There are several Black Hat conferences that take place around the world throughout the year, including two in the United States (Las Vegas and Washington ,D.C.) and Europe as well as Abu Dhabi. – Mike