Electronics

'War Texting' lets hackers gain access to cars via GSM networks

'War Texting' lets hackers gain access to cars via GSM networks
Cellular-based automotive systems such as BMW Assist have been hacked by a pair of security systems engineers
Cellular-based automotive systems such as BMW Assist have been hacked by a pair of security systems engineers
View 2 Images
(Photo: relgar via Flickr.com)
1/2
(Photo: relgar via Flickr.com)
Cellular-based automotive systems such as BMW Assist have been hacked by a pair of security systems engineers
2/2
Cellular-based automotive systems such as BMW Assist have been hacked by a pair of security systems engineers

Cellular-based automotive roadside assistance services like GM's OnStar and BMW Assist allow remote unlocking of vehicles by communicating with remote servers via standard mobile networks. Now a pair of security systems engineers have managed to prove it takes just a few hours of clever reverse engineering to crack the in-car cellular network-based technology to gain access to vehicles. They call their method "War Texting."

Don Bailey and Mathew Solnik of security company iSEC Partners set up an ad-hoc GSM network, which allowed them to communicate directly with the in-car system, posing as authorized servers. A proprietary protocol that is normally in use proved not be secure enough. All they eventually needed to do, was to send simple messages from a laptop to the car's computer.

Bailey and Solnik will present their findings during the upcoming Black Hat USA conference in Las Vegas in a briefing entitled "War Texting: Identifying and Interacting with Devices on the Telephone Network," although they will skip the details regarding the attack, to allow manufacturers to fix vulnerable systems.

However, apparently not just car security technologies are defenseless against the "War Texting" hacking method, as cellular networks are also utilized by SCADA systems that monitor and control industrial infrastructure, or facility-based processes.

"What I got in two hours with the car alarm is pretty horrifying when you consider other devices like this, such as SCADA systems and traffic-control cameras. How quick and easy it is to re-engineer them is pretty scary," Don Bailey said.

Source: ExtremeTech

3 comments
3 comments
Jim Clement
Something to be aware of.
Pks29733steel
One way to advoid this is NOT to install systems such as \'ON Star\' and \'Assit\'. Use your cell phone (that\'s all these are with gps built in, they can do the same with your celluar phone) and advoid paying for a service that you cell phone can take care of. You are paying a cell phone bill anyway so why pay another? And folks that say you won\'t be able to reach your phone in a accident, secure it in the center console and use a \'hands free\' ear bud (alot of the earbuds let you \'voicedial\') versus shelling out more money for a service that you all ready have (a phone and voice dial for 911.
klatuu
everytime I see the onstar commercial where the operator says help is on the way after fenderbender with deer I chuckle thinking of all the idiots that had to much to drink in similar minor circumstance & wish they had never heard of Onstar