Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet Security.ca and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet Security.ca today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!

Trucks and buses using Telematics Gateway could be exposed to hackers

Sponsered ads:
Read the latest IT news. Visit ItDirection.net. Updated several times daily.

If you need reliability when it comes to SMTP servers, get the best, get Port 587.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.

March 8, 2016

Internet security researcher Jose Norte says that trucks, buses and vans using Telematics Gateway are exposed on security-search engine Shodan allowing hackers to alter various routes and probe speed parameters and specific location of vehicles travelling on highways as well as in cities.

The Barcelona-based CTO says that thousands of vehicles are exposed over Shodan and can be easily accessed without any user authentication.

Worse, attackers can download a free manual to learn how to navigate the devices and access various functions.

The onboard devices drivers use are to manage fleets, and send them new shipping routes from their base offices. Geo-fencing can also be established to prevent trucks from wandering off course or being stolen.

"It is also possible to monitor and control trucks, public bus or delivery vans from the internet, obtaining their exact speed, position, and many more critical parameters," Norte says.

"You can even control some data of the vehicle or hack into the CAN bus of the vehicle remotely as well, he asserts.

"Incredibly, Telematic Gateway is exposed to the internet with public addresses and no authentication, and can be easily used to remotely track industrial vehicles, geofence them, and change the mission route."

Affected vehicles use the Telematics Gateway Unit and a modem using various mobile data protocols such as 3G and 4G to connect to the web.

Attackers can easily access the device administrative interfaces using a web panel or telnet session.

Norte offers various commands that can yield interesting data as well. He does not claim that vehicles can be hijacked or otherwise have speed and braking systems remotely-accessed, however, but the interface with the CAN bus opens that possibility, and that is concerning.

Acceleration and braking can be accessed in some vehicles using the CAN bus but it is complicated and professional work is needed that often requires physical access to the vehicle, however.

Norte cites a manual showing the devices can be connected to a vehicle's CAN bus, ignition, battery, and immobilisers, among other critical features. "The theoretical things that could cause are very scary," he asserted. He urges hackers to avoid probing active vehicles.

Source: Jose Norte.

Sponsered ads:
Read the latest IT news. Visit ItDirection.net. Updated several times daily.

If you need reliability when it comes to SMTP servers, get the best, get Port 587.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.


Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact
Copyright © Internet Security.ca    Terms of use    Privacy agreement    Legal disclaimer