Radio-enabled telematics unions leave industrial vehicles open to attack

In 2016, Spanish Jose Carlos Norte, the chief technology officer at Telefonica subsidiary EyeOS, used the scanning software Shodan to find thousands of publicly exposed telematics gateway units. TGUs are small radio-enabled devices that are attached to industrial vehicles so their owners can track their location, petrol usage, and other parameters. At least one of these TGUs, made by the French company Mobile Devices, had no password protection. Norte was able to look up the location of hundreds or thousands of vehicles at any given time, and noted that anyone could connect to and interact with these devices. Even more alarming, the TGUs were connected to the vehicles' CAN bus; earlier research had already suggested the dangers that could apply when vehicles are attacked while on the road, particularly given the size and weight of large trucks. Norte noted that he had published his work in order to force updates to fix the problem.

https://www.wired.com/2016/03/thousands-trucks-buses-ambulances-may-open-hackers/

Writer: Andy Greenberg
Publication: Wired