Halloween’s Most Horrible Hacks

Courtesy of hyena reality

Halloween happens in just a few days. And on that frightful night some pretty horrifying little creatures will be knocking at your door. Terror and fright on Halloween is all fun and games. But real terror has become part of our lives in the digital age. We have come to fear identity theft, data breaches and other digital age terrors. Everyday someone has a bank account emptied. There are monsters in cyber space. Online digital demons commit evil acts and do horrible things using technology and the Internet. We all need to be aware of the evil that lurks in cyber space. But evil has no limit as hackers are always trying to out do one another. There is a threat in cyber space that could kill thousands and even cripple civilization. Here are some really terrifying Halloween hacks.

1) Aircraft hacking is real. What happened to Malaysian Airlines Flight 370? It disappeared without a trace. Was it hacked? No one knows. It simply disappeared.  IOActive’s Ruben Santamarta said it was possible to hack satellite communications equipment on passenger jets. This is done by hacking into the Wi-Fi and in-flight entertainment systems such as those found on Southwest Airlines. This attack was proven possible but only in a laboratory. Santamarta said a potential attacker could hack the plane’s avionics disrupting or altering satellite communications. The result would be a modification or disruption of the aircraft’s navigation and safety systems. Aviation experts disagree, calling such an attack impossible. But is it? PlaneSploit is an Android app that has demonstrated the ability to take over an aircraft. Created by security researcher and commercial pilot Hugo Teso, the app allows users to control a plane from the ground using an Android phone, a radio transmitter and flight management software. The app is not exactly highly technical but you need some hacking knowledge. PlaneSploit was demonstrated during the Hack In The Box conference in Amsterdam. Teso demonstrated how he could change the flight path of a plane to a crowd. You can use this system to modify approximately everything related to the navigation of the plane,” said Teso, adding, “that includes a lot of nasty things.”

2) Murder by hack! If someone has an implanted medical device an evil person could tamper with it and potentially kill them. Medical devices have the capability of being hacked. In 2012, the late New Zealand hacker Barnaby Jack discovered a way to hack an implanted insulin pump causing it to inject 45 days’ worth of insulin in one shot. He also figured out how to shut down a heart pacemaker. Needless to say either of these hacks would cause almost instant death.

An investigation by the US Department of Homeland Security is focusing on “two dozen cases of suspected cyber security flaws in medical devices and hospital equipment.” These flaws could cause serious injury or death in the recipient. Unnamed sources familiar with the investigation by the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) report the devices under investigation include infusion pumps from Hospira Inc. and implantable heart devices from Medtronic Inc and St Jude Medical Inc.

Modern implanted medical devices were never designed to be “hacker proof”. This makes them easy targets for the evil hackers we know are out there. 

3) Disrupt civilization. How would you survive without electricity, water or telephones? What would life be like if you could not buy groceries or gas? What if the traffic lights suddenly stopped working? What if a nuclear power plant became unstable due to a hacker taking over the controls? All these are very, very real possibilities and would most likely create panic even anarchy. Civilization would come to a halt.

University of Michigan security researchers using  a standard laptop hacked nearly 100 wireless networked traffic lights and were able to change the state of the lights on command. A hacker could paralyze a city with this technology.

Research released by Automatak in 2013 revealed 25 vulnerabilities in power plants across North America. The flaws found at electrical substations, water utilities, and power stations left them open to attack. If a hacker so desired they could exploit these vulnerabilities to crash or hijack the servers at these facilities resulting in the loss of utilities for millions of people.  Hackers have also attacked the banking and financial network causing outages at ATMs and retail point of sale systems locations.

4) Are the babies safe?  The connected home is here. Everything in your home can be connected to the Internet and controlled through your mobile device or web browser. And this means that a hacker can hack into your home turn off alarms and open doors for burglars or worse. They could tamper with the thermostat, lighting, sprinklers or other home controls systems. A hacker could penetrate, even take over devices. In April of this year an Ohio couple were awakened by the voice of an unknown man shouting “wake up baby!” through their wireless baby monitor. A hacker had penetrated their home network and was harassing a sleeping child. Cameras throughout the home allowed the hacker to see the child in her bed.  Hackers have taken control of laptops with webcams and microphones and spied on families. Hackers have taken pictures of women nude, including Miss Teen USA, and blackmailed them. Its called sextortion. Smart televisions with cameras and Internet connections have also been hacked and used to spy on people. Devices in the modern connected home present significant security risks. Keep that in mind as we enter the frightening age of the Internet of Things.

5) Empty the prisons. Did you ever see that movie where a small town was overrun and terrorized by escaped convicts? Is this possible? The answer is yes! Modern prisons are now computer controlled. At a recent DEFCON conference in 2011 researcher John Strauchs demonstrated that it is indeed possible to open every cell door in a prison at once. He hacked into an industrial programmable logic controller. The same hack used to attack an Iranian nuclear facility. What would happen if a hacker could do this to prisons or local jails all over the country on the same day?

6) Your car is a death trap! The newest cars are Internet connected with WiFi and Bluetooth technology. New cars no longer use keys. They can be unlocked and operated  using a wireless key fob. You can get GPS directions and Internet radio and movies. But a hacker could decide to disable your brakes while you’re doing 70 mph on the interstate! Maybe a criminal just wants your car and decides to hack the door locks and just drive away…with you in it! Imagine the horror of discovering your steering is locked while driving with your family in the car. These things can happen with the new technology in cars today. Read all about it here in the AACR report “Hack My Ride”

What we are talking about is not an imaginary scenario. Technological terror is real and the next hack could seriously impact the entire nation. Cyber terrorism is the new frontier for terrorists and they are seeking a target. The intend to do damage far worst than the 9/11 attacks. Imagine if every person in the United States woke up to find that our electronic financial infrastructure was crippled and the banks were shut down? It could happen. Ask  the FBI who have an entire division that is dedicated to stopping a cyber terror attack. But most experts agree, it will happen.

Happy Halloween!