DEF CON security convention is held in Las Vegas, hackers are invited to pick locks and uncover vulnerabilities at make shift locations like hospitals. This year control units in cars are in play as they try to take over driving functions.
Not all hacking is malicious, white hat hackers are cyber experts who specialize in discovering vulnerabilities to help organizations.
Attendees who visited the car hacking site had to escape a vehicle by deciphering the code to open its trunk, control its radio volume and speed, and lock the doors through their computers.
Volkswagen, Fiat Chrysler and suppliers Aptiv were among this years car hacking village sponsors.
One of the more interesting things about car hacking is the threat of a terrorist taking control of your car, is plausible, the most common threat to the average consumer will come from their mechanic. If you had a shady mechanic they could program your electronic brake sensor to trigger early by manipulating the control algorithm. Or they took your Ferrari out of a spin and they wanted to turn back the odometer. This would be far easier than the alternative, remember how badly it ended in the 1986 film Ferris Buller’s Day Off.
Automotive provides a specific challenge because the systems are district from other security areas. More connections and technological features in modern vehicles also increasingly attract security professionals from other research areas.
25,000 attendees will pass through the halls of DEF CON this year and the largely male participants are not registered by name to protect their identities. To attend you must pay in cash to receive a blinking badge featuring an exposed circuit board that allows them to complete tasks.
The conference provides a rare opportunity for enthusiasts to learn about car hacking, a resource-intense research field that requires specialized knowledge and lots of preparation.
White hat hacking has been on the rise in recent years as these ethical hackers work to expose security threats. Even though their intent is not malicious they haven’t always been welcomed or liked by many companies. Many hackers say they feel a responsibility to let users know about security flaws. When companies get mad at them for exposing potential vulnerabilities, they question whether the organization is taking security seriously.
Events like these have become a chance for hackers and companies to come together to create with the goal of creating safer and more secure systems.