Self-aiming sniper riffles equipped with a computer designed to turn a rookie hunter into a professional marksman can be hacked. Two cyber security experts worked over one year to hack the $13,000 weapons and they were successful.
Runa Sandvik and Michael Auger presented their findings this week at an annual hacker convention dubbed Black Hat. The two hackers who are actually a married couple were able to breach the riffle’s Wi-Fi system and remotely control it despite the owners’ best efforts.
The duo managed to scramble the variables the scope uses when it selects a target and force it to shut down the computer, make the weapon inoperable, or force it to miss its target.
The tweaks hackers performed in sniper riffle’s system were so precise that they could command the weapon to hit a bullseye on a target of their choice rather that of the gunman’s (see video below).
“You can make it lie constantly to the user so they’ll always miss their shot,”
said Sandvik, who also worked as a developer with the team that designed the privacy-friendly internet browser Tor.
Runa noted that if the system is compromised, its seven thousand dollar computer becomes inoperable and the shooter still needs to aim the riffle manually.
The self-aiming system called TrackingPoint is powered by Linux OS and was first rolled out four years ago. Since, then the producer sold more than one thousand riffles despite their spicy price.
Users need only to point at a target and pull the trigger. Next, the weapon decides when to fire and makes sure that the barrel is perfectly aligned with the target. So, the smart gun can allow even grandma to hit a moving target from up to a mile away.
Nevertheless, the hacker couple said that the riffle had enough vulnerabilities in its Wi-Fi and computer systems to allow cyber attackers take over and manipulate the self-aiming features as they like.
They noted that the first vulnerability they encountered was the Wi-Fi which allows the user stream a video with him or her hunting and upload it on a personal computer. Usually, the Wi-Fi is turned off, but when the user activates it only a password shields the system from intruders located within Wi-Fi range.
When the Wi-Fi is on, any professional hacker can use the standard drills required to hack into a server. When the hacker is in, the user doesn’t know it because the change is only signaled by a subtle jump in the scope’s view which a non-professional hunter may link to accidentally jostling the firearm.
Image Source: Geek