US military's smart rifle can be HACKED: Security researchers remotely change weapon's target and disable its scope

Hackers took control of the rifle using its ability to access Wi-Fi networks

Popular Articles

  • Hackers took control of the rifle using its ability to access Wi-Fi networks
  • Gun has a default password that allows anyone with access to connect to it
  • They were able to change the target by feeding data to the scope computer
  • However the hackers were not able to make the gun fire without the trigger being pulled by the shooter

 

Last year the US army confirmed it was testing smart rifles with computer-guided scopes that can aim themselves.

But now hacking researchers have revealed that they can take control of the weapons remotely, changing their target or disabling the weapon completely.

The hack is based on the smart rifle's Wi-Fi connection, and has the potential to make the weapons - which were delivered to the US army last year - vulnerable to being hijacked.

Researchers have demonstrated how their technique can wreak havoc with the gun's targeting computer, causing it to miss its target, prevent it from firing or even disable the scope completely. Pictured is a self-aiming weapon manufactured by TrackingPoint

TrackingPoint, the company that makes the smart rifles, uses cameras, sensors and Linux software to make its weapons that can turn even an inexperienced marksman into a deadly sniper.

Last year it was reported that the US army had acquired six of the weapons for testing, but the company marketed them primarily to hunters.

But researchers Runa Sandvik and Michael Auger have revealed a way to hijack the guns, and they plan to present their research at the Black Hat hacker conference in two weeks, according to Wired.

 

They revealed the hack to point out security flaws in the rifles, and they have been in touch with TrackingPoint to try to work on a fix to the vulnerability.

Sandvik and Auger demonstrated how their technique can wreak havoc with the gun's targeting computer, causing it to miss its target, prevent it from firing or even disable the scope completely.

Their tricks interfere with the calculations of the rifle's targeting computer so accurately that the hackers could hit a bulls-eye of their choosing - without the shooter knowing. 

HOW THE RIFLE WAS HACKED

The rifle scope allows users to choose a target and dial in variables including wind, temperature and weight of ammunition.   

But when the Wi-Fi is activated, the gun has a default password that allows anyone in the network to connect to it.

Hackers can treat the rifle as a server and access its targeting application - but the researchers had to dissect one of the rifles to find its targeting variables, copying data from the on-board computer's flash storage, according to the report.

They demonstrated their successful hack to Wired at a West Virginia firing range, showing how they could change the target by feeding inaccurate data to the targeting computer.

However the hackers were not able to make the gun fire without the trigger itself being pulled by the shooter. 

'You can make it lie constantly to the user so they'll always miss their shot,' Sandvik, a former developer for the anonymity software Tor, told Wired.

Married couple Sandvik and Auger have been working on two of the $13,000 (£8,000) TrackingPoint self-aiming rifles for the past year.

The rifles have a Wi-Fi connection so that the rifles can stream video of their shot to an iPad or computer, but which also leaves them vulnerable to the techniques developed by Sandvik and Auger.  

'If the scope is bricked, you have a six to seven thousand dollar computer you can't use on top of a rifle that you still have to aim yourself,' said Sandvik.

TrackingPoint, which launched in 2011, has sold more than 1,000 of the high-end rifles, according to Wired's report.

The rifle scope allows users to choose a target and dial in variables including wind, temperature and weight of ammunition.   

The rifles have a Wi-Fi connection so that the rifles can stream video of their shot to an iPad or computer (pictured), but which also leaves them vulnerable to the techniques developed by Sandvik and Auger 

The rifles have a Wi-Fi connection so that the rifles can stream video of their shot to an iPad or computer (pictured), but which also leaves them vulnerable to the techniques developed by Sandvik and Auger 

But when the Wi-Fi is activated, the gun has a default password that allows anyone in the network to connect to it.

Hackers can treat the rifle as a server and access its targeting application - but the researchers had to dissect one of the rifles to find its targeting variables, copying data from the on-board computer's flash storage, according to the report.

They demonstrated their successful hack to Wired at a West Virginia firing range, showing how they could change the target by feeding inaccurate data to the targeting computer.

However the hackers were not able to make the gun fire without the trigger itself being pulled by the shooter. 

TrackingPoint founder John McHalet told Wired: 'The shooter's got to pull the rifle's trigger, and the shooter is responsible for making sure it's pointed in a safe direction.

'It's my responsibility to make sure my scope is pointed where my gun is pointing. The fundamentals of shooting don't change even if the gun is hacked.'

Larry White
By Larry White 30/07/2015 11:23:00