State Trooper Vehicles Hacked

H

HardOCP News

[H] News
Joined
Dec 31, 1969
Messages
0
While it may be possible to hack into a police car, who would actually be that stupid?

A state trooper responding to a call starts his vehicle, but is unable to shift the gear from park to drive. The engine RPMs suddenly spike and the engine accelerates, no foot on the pedal. Then the engine cuts off on its own. The unmarked 2012 Chevrolet Impala from the Virginia State Police's (VSP) fleet has been hacked -- but luckily, by good hackers.
 
A hacker would probably do better trying to hack a database that says his vehicle registration is out of date, his license isn't expired, he has no wants and warrants, etc. Much better to not look guilty then it is to actively mess with them and stir the hornet's nest.
 
Dwango said:
My guess would be that we'll be finding out the answer to that really soon. :D
Click to expand...

You'd know now if you'd read the article.

It's just one in a series of cyberattacks waged on the VSP's Impala and on one of its 2013 Ford Taurus marked patrol cars as part of an experiment by a public-private partnership to test how state trooper vehicles could be sabotaged via cyberattacks. Virginia Governor Terry McAuliffe in May first announced the initiative, which was aimed at protecting the state's public safety agencies and citizens from vehicle-hacking.
Click to expand...
 
sfsuphysics said:
That's one less car that PDs won't be buying fleets from Chevy.
Click to expand...

Not for nothing but this kind of thing is possible in just about every newer car out there because none of the controls are actually physically connected to what they're supposed to control anymore. It's all drive by wire now. Just buying from some other brand doesn't save you from the possibility of having your vehicle hacked. And it's likely to be that way until the car manufacturers start taking the security of the technology they're using to make their cars more seriously.
 
So with how they did it you could potentially do it to any vehicle. They had to have physical access to the on board computer to hook up a device that would reprogram the cars computer. So this is similar to the handheld devices that I can buy for my Mustang that will reprogram everything for better performance. But in this case it was used to hamper performance.
 
Dwango said:
Not for nothing but this kind of thing is possible in just about every newer car out there because none of the controls are actually physically connected to what they're supposed to control anymore. It's all drive by wire now. Just buying from some other brand doesn't save you from the possibility of having your vehicle hacked. And it's likely to be that way until the car manufacturers start taking the security of the technology they're using to make their cars more seriously.
Click to expand...

Well, since in these cases they had to install a BT dongel connected directly to the OBD2 port to make it possible then at least for these vehicles it's not really an issue. The problem is not drive by wire or automated control systems. The problem will remain one of if and how these vehicles may be connected to networks and communications devices. Now in your favor, a car like my new Challenger is defitly connected and at risk. Sort of. All the peices are in place but I am not paying for or using the car's on-board hotspot feature. The real path in right now would be via XFM. As long as XFM remains secure then I am in pretty good shape. I also use the BT but an attacker must cmpromise the security of it first, maybe they can, maybe not, I can't say.

I do know I just did a software upgrade to my car as part of a recall last month. Took about 30 minutes and was supposed to address security vulnerabilities in the car. What I can say is that the update did more then that cause my car drives a little different now then before. Maybe the dealership "tweeked" my car's setup and it's restored to default, or maybe Dodge has changed the baseline default config settings, but I know the car feels different. It's pretty cool in a way, a little strange in another.
 
The problem is that police and government officials should be the ones without cars that are vulnerable to hacking or whatever. It's the average person that should be legally required to have a car that can be remotely controlled by a police officer at all times so that car chases and stuff don't happen. There should also be very frequent, random vehicle checkpoints where peoples' cars can be searched to ensure that those systems haven't been tampered with. They could also get people arrested at those for having drugs in their cars or transporting guns around.
 
CreepyUncleGoogle said:
The problem is that police and government officials should be the ones without cars that are vulnerable to hacking or whatever. It's the average person that should be legally required to have a car that can be remotely controlled by a police officer at all times so that car chases and stuff don't happen. There should also be very frequent, random vehicle checkpoints where peoples' cars can be searched to ensure that those systems haven't been tampered with. They could also get people arrested at those for having drugs in their cars or transporting guns around.
Click to expand...

I for some reason pictured a checkpoint where the inspecting officer has stopped an amish person and is yelling commands at their horse to see if it responds to the officers commands.
 
Darunion said:
I for some reason pictured a checkpoint where the inspecting officer has stopped an amish person and is yelling commands at their horse to see if it responds to the officers commands.
Click to expand...

They should totally make those things for horses too. Like a giant thing on a strap that you attach to it that could stun it with an electrical shock so it wasn't able to run away.
 
Driving an old car with a carburetor and a two or three speed automatic (or manual trans) just seems to make more sense to me now. Wish I never got rid of my 1978 Z28.
 
Not me, I have been totally happy with my Challenger. In the late 80s I still had a really nice '70 LeMans with a 455, 3speed auto, positrack rear end. It was beastie to say the least but it pales in comparison to how absolutely nice and comfortable my new Challenger is.

I appreciate the old rides as much as the next guy. Still have my heart set on a '68 Charger R/T, but the prices are stupidly high and they don't compare as a daily driver so there it is.

Maybe I could talk myself into a '73 Camaro split-bumper. Much easier and find and cheaper to buy then the Charger. But the Charger has always been the one for me, wish I had grabbed one before they became unreasonably hard to get.
 
for one, it's a damn shame auto makers don't believe in isolated design. FCA designing their in-car wifi system on the same micro as their physical controls and engine control unit. that's just asking for trouble. maybe it's because they farm so much of their design work out to 3rd parties. The article including a "threat" to older vehicles is plain stupid. If the driver is not aware of something sticking out of their OBD port, it's their fault.
 
lcpiper said:
I do know I just did a software upgrade to my car as part of a recall last month. Took about 30 minutes and was supposed to address security vulnerabilities in the car. What I can say is that the update did more then that cause my car drives a little different now then before. Maybe the dealership "tweeked" my car's setup and it's restored to default, or maybe Dodge has changed the baseline default config settings, but I know the car feels different. It's pretty cool in a way, a little strange in another.
Click to expand...

It likely reset your transmission shift point memory and its back to the defaults. It will relearn your ways and be back to how you remember it.
 
"require physical tampering", after I read that I tuned out entirely. If they require physical modifications you might as well just cut the brake line. Another poser article by people who don't understand what is and is not a serious car security issue.
 
Quix said:
"require physical tampering", after I read that I tuned out entirely. If they require physical modifications you might as well just cut the brake line. Another poser article by people who don't understand what is and is not a serious car security issue.
Click to expand...

No kidding. I was wondering how this is even a risk.. good luck breaking into a cop car, let alone putting a dongle into the OBD2 port and no one noticing.

As a side story, Fort Knox is vulnerable.. all I need to do is break in and leave a large hole in the wall for later so I can walk in and take what I like.
 
Quix said:
"require physical tampering", after I read that I tuned out entirely. If they require physical modifications you might as well just cut the brake line. Another poser article by people who don't understand what is and is not a serious car security issue.
Click to expand...

Missing the point they are trying to make. In the case of this demonstration, yes they had to "cheat" in order to gain access to the vehicle, but there point wasn't how they might gain access. It's that once they do gain access, they can cause a lot of trouble even on older vehicles that you wouldn't think were so vulnerable. Newer cars have a greater risk profile all the way around, both for access and for the mischief that can be caused.
 
auntjemima said:
No kidding. I was wondering how this is even a risk.. good luck breaking into a cop car, let alone putting a dongle into the OBD2 port and no one noticing.

As a side story, Fort Knox is vulnerable.. all I need to do is break in and leave a large hole in the wall for later so I can walk in and take what I like.
Click to expand...

Getting into the car is definitely the hard part, but it might not be too hard to leave a dongle in the OBD2 port without someone noticing. How often do you really look at your OBD2 port? On some cars it's really visible, but on others it can be pretty far up under the dash and out of sight.
 
lcpiper said:
A hacker would probably do better trying to hack a database that says his vehicle registration is out of date, his license isn't expired, he has no wants and warrants, etc. Much better to not look guilty then it is to actively mess with them and stir the hornet's nest.
Click to expand...

That's not the agenda that is trying to be pushed with these stories. This about needing over sight.
 
I can't wait for self driving cop cars. If I hacked them I'd send the whole police force to dunkin donuts at the same time.
 
this is why most cops have a mechanic that go to do all the work on their under cover cars and a maintenance bay in the police station to do the actual work on the regular cars and trucks. My mechanic in los angeles worked on under cover cars at one point.
 
You must log in or register to reply here.
Back
Top