Hackers Found a Way to Hijack a Smart Rifle and Change Its Target

Impact

Two researchers found a way to hack into a high-powered, self-aiming smart rifle, disabling it and causing it to change targets entirely.

Wired reports that security specialists Runa Sandvik and Michael Auger showed how TrackingPoint's self-aiming sniper rifle, a $13,000 device, could be hacked by accessing its Wi-Fi enabled computer system to both disable the gun and pick a new target. This all can happen remotely; the shooter would have no idea until the shot was fired.

"You can make it lie constantly to the user so they'll always miss their shot," Sandvik told Wired. "If the scope is bricked, you have a six- to seven-thousand-dollar computer you can't use on top of a rifle that you still have to aim yourself."

Sandvik and Auger plan to showcase their findings at the upcoming Black Hat hacker conference in Las Vegas.

YouTube

Technologically speaking, the weapon itself is very cool. The scope lets you dial in a bunch of variables, like ammunition weight and wind speed, that matter when you're firing an extremely long distance. When you pull the trigger, the gun won't fire until conditions are perfect and everything is perfectly lined up in the scope via an electronic crosshair system.

The applications of the weapon could be game-changing. A military sniper, even one with little experience, would be able to hit a moving target from a long distance on a windy day. Hunters could shoot big game without even entering the animal's vicinity. The vulnerabilities Sandvik and Auger revealed center on the scope's Wi-Fi connection, which is disabled by default.

YouTube

The ugly side of the "Internet of things": In the effort to make every object hyper-accessible and connected, you'll inevitably run into people who will find ways to expose vulnerabilities, such as automobiles getting disabled on the highway by remote hackers. This is especially troubling when military technology is at risk. Sandvik and Auger are security researchers, but other hackers could exploit this method in more destructive ways.

That's a scary thought, but there are positive implications for the remote access of smart weaponry. This could be a great way to deter poachers. National park organizations like the Zimbabwe Parks and Wildlife Management Authority, which oversees the park where Cecil the Lion was shot by Walter Palmer, could ostensibly fly drones carrying an auto-running program that could target and disable Wi-Fi-enabled scopes.

Watch the full video of Sandvik and Auger below.

h/t Wired