Friday, April 27, 2007

Storm Track Infiltration: GPS Navigation Next Use of Terrorist Attack

As if there weren’t enough way for terrorist to use to pursue their deadly jihad, now the tech and automobile world finds out that the word of a spanner in the satnav works leaked out that a terrorist could come up with an exploit that causes real problems for a driver and was entirely focused on the satellite navigation device itself as the means for delivery.

In January some TomTom Go 910 devices were being sold complete with a Trojan or two pre-installed, with the full knowledge of the manufacturer which had decided not to come clean and ‘fess up until pushed by the global fuss this blog entry caused.

Imagine the problems that could cause more than just getting misdirected to the nearest Starbucks. Imagine no more. Two Italian hackers have done just that.

It’s a neat twist on the kind of data injection exploits that have plagued online computer users for years, and to be frank the simplicity is perhaps the most worrying aspect as it means it can easily be copied by those who would do you harm. Harm as in sending you wrong directions, creating a virtual accident to ensure your vehicle is sent on an alternate route to avoid the non-existent delays, and well, the possible consequences are only too obvious in a world obsessed by the fear of terror attack.

The news of this leaked out at the Vancouver CanSecWest conference this week.

During the presentation entitled ‘Unusual Car Navigation Tricks: Injecting RDS-TMC Traffic Information Signals’ Andrea Barisani and Daniele Bianco from Inverse Path not only demonstrated the obscure and scary messages that can be broadcast to drivers, but also the limitations of standard satnav systems when flooded with these unusual messages. In their abstract the pair even jokingly mentioned how hitmen in the audience would love the role that RDS TMC injection and jamming could play in a social engineering scam. I would add terrorists to the list of laughing out loud observers.

The plain truth is that whether you wanted to induce panic by popping up an alert on myriad drivers’ satnav device screens about a bomb alert, and the consequential potential for accidents and freeway mishap, or send a specifically targeted vehicle along a different route (terrorist ears are already pricking up) then this hack makes it all too easily possible.


And the software developers? Their comments on this possible threat?

So far, and quite predictably, the satellite navigation device manufacturers and routing software developers have remained unavailable for comment. But then it is a weekend, so maybe the news will have found an efficient route to their desks by Monday and the comments will come thick and fast.

In the meantime, I urge bloggers who care about security to kick up as much fuss about this as possible. If we let it wash over us as just another story, then we could find ourselves writing about a much more serious satellite navigation inspired terrorist story in months to come.

Good advice. Any tech bloggers out there wanting to take this one on?

Sign up for my free WEEKLY STORM REPORT and receive a synopsis of the most important weekly news revealing the intimidation, infiltration and disinformation tactics used to soften-up the non-Muslim world for domination.

1 Comments:

  • Geez, WC. This is like something out of an action thriller.

    (Now is the time for all good tech bloggers to come to the aid of their country.)

    Excellent reportage, bud.

    Cheers - D

    By Blogger Dinah Lord, at 8:24 AM  

Post a Comment

<< Home