Sat nav systems at risk from hackers
By Guy Matthews,
The satellite navigation systems in many cars are wide open to potentially dangerous abuse by hackers, warns a security expert.
Andrea Barisani, chief security engineer with Italian consultancy Inverse Path, says systems based on Radio Data System-Traffic Message Channel (RDS-TMC) technology are particularly vulnerable.
He says his own tests show how a hacker could get into such systems and send drivers wrong messages about where to go, and other misleading information.
RDS-TMC is used widely in vehicles across the UK, Europe and the US, typically to provide data on traffic conditions, accidents and detours. Because it does not authenticate the source of data sent to it, says Barisani, the system is open to senders of bogus information, or large amounts of data aimed at swamping it and causing a denial of service.
"I recently bought a new car with an RDS-TMC sat nav feature, which made me wonder how easy it would be for someone to detect it and then inject it with false data," Barisani said. "A colleague and I tested it and discovered it was relatively easy."
He believes there are a number of ways that navigation systems could be abused: "You could divert someone to a secondary road that you know of, and ambush them there. You could create a traffic jam by sending everyone down a narrow street. You could use it to send false terror alerts and spread alarm."
He says company car drivers could be especially at risk from competitors making them divert, or springing a denial of service attack. "A lot of professional people no doubt depend on this technology," he says.
"The trouble is that people trust sat nav," he points out. "It's not like your PC which everyone knows is vulnerable to hackers and viruses, so are wary of. Sat nav naturally inspires blind faith."
Barisani says he is amazed that there is no authentication on RDS-TMC systems: "I know some manufacturers are working on new and more secure standards, primarily for billing purposes though," he says. "These new standards will solve most of the issues but it's going to take quite some time before wide implementation and adoption."
He says he'd like to see more awareness of this, 'so at least the good guys know what the risks are before the bad guys get to work'.
Barisani and colleague Daniele Bianco plan to present their full research at next month's CanSecWest security conference in Vancouver.
advertisement
Latest Mobile & Telecoms Features
Q&A: Motorola's enterprise VP John Coon
Acquisitions, restructuring and more mobility innovations feature in the future for Motorola.
- Q&A: Orange's devices chief Francois Mahieu
- What's happened to Sony Ericsson?
- Top 10 iPhone tips
- Where will IT be in 2015?
- Keynote's Umang Gupta on the health of the Net
- Taking Symbian open source
- HD video conferencing: As good as being there?
- 802.11n: Is there an end to the saga?
- Sisters are doing IT for themselves
Latest Mobile & Telecoms Reviews
Skypephone S2
Rating: 
advertisement
Latest News Videos in Mobile & Telecoms
Video: Q&A with Eric Cador, HP Personal Systems Group
PlayIT PRO speaks to Eric Cador, SVP EMEA of HP’s Personal Systems Group, about the rising demand for personal computers and going mobile.
White papers
Want more background on today's hottest IT trends?
Visit IT PRO's white paper library for more on virtualisation, encryption and other topics.
Register for IT PRO
You'll get exclusive member benefits including free white papers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.
Sponsored results
- Online shopping
sections from here Mega Minute' at 1.09pm onunlocked from Far Easterneverything from radios and robots to DVD systemsnew tool from Nokia combines...
http://www.timesonline.co.uk/tol/system/topicRo...
Social Bookmark this article: What is this?