STORY HIGHLIGHTS
- Once limited to the virtual world, hackers are targeting real systems
- Researchers have shown how to hack into prisons and open locks
- Another hacker uses cell networks to unlock and start cars, remotely
- A major computer worm called Stuxnet seems to have set off the trend
Las Vegas (CNN) -- If you've seen the 1983 movie "WarGames," in which a young Matthew Broderick accidentally uses computers to bring the world to the edge of "global thermonuclear war," then you have a pretty good idea what hackers and security researchers are super-concerned about these days -- in real life.
Here at the Black Hat hacker conference at Caesars Palace, computer security experts have shown ways they can use virtual tools to tap into and tamper with all kinds of stuff in the real world, which is the gist of what made "WarGames" so scary.
No longer limited to the digital domain, hackers -- many of them working for good -- are now targeting prison systems, the power grid and automobiles. They'll target anything with a mini-computer inside of it. These days, that's pretty much everything.
Researcher Don Bailey pointed out that there's even a pill bottle with a cellular connection, so that it can remind its owner when to take his or her medicine.
His first thought: "I'm not sure if that's a good idea."
A computer worm called Stuxnet is the main reason hackers and security types are focusing on these "real-world exploits" right now. While Stuxnet isn't grabbing as many headlines these days as Anonymous and LulzSec -- two hacking groups that have been stealing personal data and taking over big-name websites -- in-the-know security experts and ex-government officials say the idea behind that worm is actually far scarier.
"The Stuxnet attack is the Rubicon of our future," Cofer Black, the former head of the CIA's Counterterrorism Center, said during a keynote talk here
.
Stuxnet showed, for the first time, that a bit of malicious computer code could control industrial systems. The common wisdom is that the worm, which spread all over the Internet last year, was designed to attack and possibly blow up nuclear facilities in Iran.
No one knows for sure who wrote that worm, and its powers were never put to use. But the code is out there, and security researchers and hackers are jumping at the chance to study that code and figure out what else it -- or something like it -- could do.
The examples surfacing at Black Hat and DEF CON, a companion hacker conference attended by 15,000 people, sound like they're pulled from a Hollywood thriller.
Tiffany Rad, a computer science professor by day, showed that a little-known electronic component in correctional facilities could be hacked and used to throw open all the doors that lock prisoners in their cells.
"Where there exists a computer, there's still a chance of breaking that computer," said Teague Newman, who worked with Rad on the hack. The two say they have gone to the federal government with their research. They won't publish the exact code someone could use to tap into prison lock systems for fear that such an event would actually occur.
The prison hack wasn't even that hard, they said. Workingin a home basement in Virginia on a budget of $2,000, it took the duo only two hours to figure out and exploit the bug, which attacks a Siemens networking component called a programmable logic controller.
"It was not difficult," Newman said.
Siemens is working on a fix, but it won't necessarily come quickly.
"We need time to go after those vulnerabilities," said a Siemens engineer who asked not to be named because he's not authorized to speak on the record. "It's not like in the IT world where you can quickly create a patch. We are really talking about critical systems here ... so if you create a patch you want to make sure the patch doesn't influence operations and the PLC (the networking component) is still running afterwards as designed."
Rad and Newman said that company doesn't deserve all the blame. The way prison security systems are networked, and the way employees use them, are also at fault.
Central computers that control locks should not be hooked up to the Internet, for example, but they often are, the researchers said.
Other Black Hat speakers discussed the vulnerabilities of electrical grid and water systems, which, theoretically, could be attacked using similar methods. And further attacks focused on holes in cellular networks.
Again, the targets are real-world, not virtual.
Bailey of iSEC Partners demonstrated a way to hack into the mobile components on many cars to unlock or start the vehicles with a few texts from his Android phone. But breaking into cars isn't the scary part, Bailey said in an interview.
"I could care less if I could unlock a car door," he said. "It's cool. It's sexy. But the same system is used to control phone, power, traffic systems. I think that's the real threat."
As for solutions, Bailey said the problem is the cost and lack of regulation.
"The issue is not just architecture but its cost," he said. "A lot of the errors and the vulnerabilities I'm seeing (are) in overall architecture. It's all systems -- whether it's your car or your tracking device or your pill bottle or whatever.
"It's the issue of no regulations, no standards and no one enforcing any semblance of security."
Security professionals need to step back from the technology and look at how these real-world systems -- from prisons to power plants -- are designed, said Tom Parker, vice president of security services at FusionX, a computer security company.
"We're making the same mistakes over and over again," he said, adding that these at-risk networking components are doing more than they were designed to do.
None of the researchers argue that society should stop putting little computers inside everything. Instead, they said, we need to work harder to make those little computers secure. And if we don't, they say, the consequences could be huge.
http://www.cnn.com
http://www.cnn.com