Hackers Take Control of ‘smart’ Sniper Rifle

TrackingPoint is a company that specializes in applied technology. They’re based in Austin, Texas and are known for building the first Precision Guided Rifle. A Precision Guided Rifle (PGF) is a long range rifle system meant to improve accuracy of shooting targets for long distances. A PGF is able to improve accuracy by using target tracking, HUD Display, and advanced fire-control. The purpose of a PGF is to account for human error such as misaiming, trigger jerk, or a miscalculation when setting up. A TrackingPoint Precision Guided Rifle could allow even a novice to reliably hit targets from over a mile away.

A pair of security researchers Runa Sandvik and Michael Auger bought two of the $13,000 TrackingPoint Rifles spent a year reverse engineering and hacking the rifles’ computer system. They were able to get into the rifle via the Wi-Fi and exploit vulnerabilities in the software. Once they were into the rifles’ system they could make the gun miss the target completely or can change a single number in the software and have the gun shoot to the right or left and hit an entirely different target all while having the HUD display normal readings. They also found that they could lock the gun owner out by becoming root and disabling the firing pin, or they could render the gun useless by deleting important files making the scope unusable. While the attacker can do a lot, the one thing the attacker cannot do is fire the gun randomly, because the TrackingPoint guns are built to only shoot when the trigger is pulled manually.

Gun Hackers

Sandvik and Auger said they will not release the code for their exploit because they feel that TrackingPoint in their current state would not have the manpower to fix the issue in their software. Sandvik states that the real issue here is that as we and our objects become more interconnected and attached to the internet, companies need to when you start putting technology into devices that have never had it before you need to take precautions and realize there will be security challenges that you did not have before.

TrackingPoint stated that after talking with Sandvik and Auger about the research they did, the company will look into developing a software update to patch the issues with the rifle’s vulnerabilities, and customers who already own it will be sent USB devices that contain the patch.

Sources:

http://www.wired.com/2015/07/hackers-can-disable-sniper-rifleor-change-target/

http://bgr.com/2015/07/30/hackers-smart-sniper-rifle-disabled/

-Peter Carenzo

Advertisements