At the recent Black Hat security conference in Las Vegas, two security researchers from iSec Partners, Don Bailey and Matthew Solnik, demonstrated unlocking a Subaru Outback and starting its engine remotely.
Using an Android phone, they applied a technique they referred to as 'war texting', involving two unnamed remote-control products used for locking and unlocking.
After setting up their own GSM network, they needed just two hours to intercept the password authentication messages between the server and the car. They said that this technique could be used to hit other systems that receive firmware updates through text messages.
These include traffic control systems and security cameras. It’s worrisome that this technique could be used on SCADA sensors, which are employed in industrial systems like the power grid and water supply.
Bailey said that the “real threat” would be if this technique were used to control power, phone, or traffic systems. The researchers declined to provide details about how the hacking is accomplished or to say what cars are at risk until the manufacturers get the chance to fix the vulnerabilities.
Notably, similar remote-control apps are used by General Motors, BMW and Mercedes. In May 2010, other security researchers successfully attempted to remotely control cars. A group from the University of Washington used a diagnostic computer system named the Controller Area Network to control the locks and the brakes of the cars remotely.