Sunday, August 9, 2015

Next Generation Sniper Rifle Hacked

In a demonstration of the wise saying “Just because you can make something, doesn’t mean you should”, the laser guided wifi enabled sniper rifle has been hacked.

12 Months ago I updated the technology page of this blog to include the TrackingPoint Precision Guided Firearm (PGF).  All that is needed to turn someone like myself (a complete shooting novice) into a sniper, is to “paint” the target with a laser sight, pull the trigger and then line up the firing dots.  When the target is in the optimal position (taking in to account wind, movement, curvature of the earth etc) the gun will fire on its own to take down the target.  I raised a number of concerns when I first posted about this weapon, including the wifi capabilities of the gun might lead to it being hacked.  Twelve months later, and that is no longer a possibility, but a reality.

Security researchers Runa Sandvik and Michael Auger were able to successfully hack into the TrackingPoint PGF’s computer and change the target, without the gun user being aware.  They also managed to hack the gun so that it couldn’t be fired by disabling the firing pin, and made changes so that the gun would fire wildly off target. Auger and Sandvik also found that they could load malware software on to the gun, so that changes were not initially obvious until certain times or locations are realised.

Happily, it was not easy for Sandvik and Auger to hack into the gun – it took them a year and they eventually had to destroy one of the guns by completely pulling it apart in order to work out how to hack in to it. However, now that the work is done, it can be repeated on other copies of the same gun.  What is to stop a well funded military who has a lot of hacking expertise (yes, I’m looking at you China and Russia) from purchasing a gun and doing the same thing?

I have many concerns about the capabilities of this weapon, however it seems that the biggest vulnerability with the gun was its wifi capability. Which begs the question, of why was it wifi enabled in the first place.  It seems it was to make it easier to operate from difficult positions (using google glass for example, to shoot around corners), and to share your exploits (be they shooting animals for sport or humans in battle) in current time to your friends and family back home, and your command in HQ.  Sandvik in an interview with PCMag stated that "There's a lot of cool things you can do with technology and connecting it to the net, but there's a question of whether or not it's necessary to do that".

It seems that the CEO of TrackingPoint could use some sage advice from William Adama from Battlestar Gallactica, who had a deep distrust of networked computers when it came to military equipment.  Perhaps it is time to take stock and think about the ethical and security issues raised with the development of new weapons – just because it can be made, doesn’t mean it should be made, and just because it can be wifi capable, doesn't mean it should be.