If Hollywood is to be believed, every single thing around you can be hacked. Is your home heated with natural gas? All a hacker needs is a Die Hard movie and a computer to blow that shit up like a volcanic eruption. Do you use a smartphone? Uh oh — a sufficiently skilled hacker can detonate that thing like a hand grenade.
We all like to point and laugh at the ridiculousness of Hollywood computer crime, but here’s the thing: With everything around you, from guns to doctors to airplanes, growing ever more connected in what nerd-types call “the internet of things,” Hollywood’s “everything is hackable” trope is becoming less dumb every day. For instance …
#5. Electronic Billboards Can Be Easily Hacked (To Play Porn)
Electronic billboards, aka the bane of every poor bastard unlucky enough to work a shift that requires driving home after sunset, are gradually spreading to every intersection in America. Normally the image they’re searing into your retinas is informing you where to buy a new Ford or how many appetizers you can get at T.G.I. Friday’s for $10, but one spring Saturday in 2015 at an upscale neighborhood in Atlanta, commuters and diners at a pizza joint were instead treated to the presumably unappetizing image of a giant splayed asshole.
A concerned driver called 911 to report the “totally disgusting” image, and the FBI kicked off an immediate investigation, because apparently the FBI’s time is much less valuable than we previously assumed. It turns out all it takes to hack into one of these eye-broiling behemoths is to track down its web interface, type in a password that the sign’s owner probably never changed from the default, and boom! You’re free to put a gigantic floppy anus on display for the world in glorious, larger-than-life LED.
And this isn’t an isolated incident. Back in 2010, downtown Moscow traffic came to a standstill when a giant billboard displayed hardcore porn and drivers found themselves with a sudden shortage of hands for driving. More recently, a public billboard at a bus stop in Sweden displayed a continuous porn feed as a group of men huddled in close to watch (but not too close, because that would be weird). More recently, a hacker known only as Johnny Cockring used the aforementioned default credentials to hack into two Alabama billboards and upload Photoshopped images of then-presidential-hopeful Marco Rubio in hardcore gay porn:
Scads of Alabama commuters are still unconsciously humming “Y.M.C.A.”
So, yeah — all you need is a set of default login credentials and an adorable hacker name and you can break into one of these electronic eyesores and really brighten up someone’s evening commute.
#4. Remote Surgery Bots Can Be Hacked To Murder You Mid-Operation
It’s a staple of science fiction that future doctoring will be entirely offloaded to robots, because an electronic surgeon probably can’t go on a three-day Kahlua bender just before digging into your sensitive heart meat. And while we’re not at the level of fully robotic doctors yet, we are making great strides in that direction. For instance, surgeons can’t always be where a necessary surgery is needed, but they can tinker with your innards from thousands of miles away via remote-operated robots. The first such procedure took place in 2001 (a fitting year for technological breakthroughs), when a surgeon in New York removed a gall bladder from a patient in Strasbourg, France. That’s some next-level Captain Picard future shit.
Luckily for that patient, there was no hacker standing by to carve his Xbox Live name into the patient’s liver. But while the dedicated fiber connection used for that surgery would have prevented such shenanigans, it’s since become clear that the internet is a much cheaper means of linkage. And when has relying on the internet ever gone horribly wrong?
Researchers led by Tamara Bonaci at the University of Washington demonstrated that, with some fairly simple remote hijacking hijinks, they could make a Raven II surgical robot’s arms twitch like it hasn’t gotten its digital meth fix. Worse still, they could just as easily take total control of the robot using their knowledge of the Interoperable Telesurgery Protocol … the specs of which are freely available to any random asshat who’d like to brush up on the ins and outs of long-distance slicing and dicing.
“Med school’s for noobz.”
This means that, rather than your life being in the hands of a doctor with years of training, you could be at the mercy of a misanthropic hacker, a jilted lover seeking revenge on your fun bits, or a bored teenager looking to use your heaving carcass to play Surgeon Simulator minus the “simulator” part.
As an added bonus, Bonaci’s team discovered that the robot’s video feed was publicly accessible. So the most horrifying prospect of all is that someone could intercept your hemorrhoid surgery, set it to the tune of Selena Gomez’s “Hands To Myself,” and turn it into a viral YouTube sensation (or put it on an electronic billboard).
#3. Sound Waves Can Steal Data From Your Computer
Given today’s online environment of Fappenings and commonplace credit card account breachesand entire hospitals being locked out of their own computer systems by ransomware, there are probably those among you who yearn for the olden days, when getting online meant enduring the death howls of your dial-up modem screaming at AOL to allow you to check your ever-loving email. If you happen to be in that camp, we have bad news for you: Even if you stomp your Wi-Fi router into unrecognizable shards of plastic in a vigorous attempt to become a digital recluse, it won’t be enough. Not when every computer comes equipped with the capability to sing your most sensitive information to a nefarious hacker.
Back in 2013, German researchers at the Fraunhofer Institute For Communication, Information Processing, And Ergonomics produced a proof-of-concept malware capable of transmitting data via sound waves outside the normal range of human hearing. Using standard laptop speakers, the researchers were able to transmit sensitive data such as passwords for distances up to 65 feet. That may not sound overly impressive, but this range increases greatly when multiple infected devices are employed to repeat their whispers to one another in an “acoustical mesh network,” like a game of Telephone in which the ultimate payoff is not a hilariously jumbled story but your un-hilariously un-jumbled bank account and Social Security number.
Thierry Dugnolle/Wiki Commons
“0 … 4 … 8 … purple monkey dishwasher …”
Then, in 2015, security expert Ang Cui pushed the concept a step further by altogether eliminating the need for speakers and all-too-whimsically dubbing the resulting technology “Funtenna.” By inserting just seven lines of code into the meager brain of an off-the-shelf laser printer, Cui was able to fiddle with its electromechanical components and effectively transform the printer into a radio transmitter.
Though the resulting signal was weak (printers were designed to produce hard copies of school reports and teenage poetry, not output radio signals), it could easily be picked up from outside a building by an AM radio receiver or a geophone — a device readily available on Amazon for use in ghost-hunting, of all things. Of course, the only ghost being hunted in this case is that of Ben Franklin. So an enterprising hacker could theoretically steal every piece of data on your computer using nothing but your on-board speakers, and you wouldn’t even hear it happening.
#2. A Sniper Rifle Can Be Aimed And Disabled Via Wi-Fi
Becoming a sniper requires rigorous training, tip-top physical fitness, perfect vision, and a brain like a calculator to factor even the most minute environmental variables into every single shot. Of course, if you have an uncontrollable urge to remotely perforate things and quality-used-car amounts of cash burning a hole through your bank account, you could also just buy a computerized sniper rifle from TrackingPoint, because being able to order mile-away murder over the internet is the world in which we now live.
Lee Hutchinson/ARS Technica
“I’ll pay double for a nut-shot guarantee.”
Each rifle in TrackingPoint’s Linux-powered lineup comes equipped with a hi-tech scope that weaponizes math for you. Much like an accountant who depends on QuickBooks to do all the actual accounting, these rifles use “the same lock-and-launch technology found in military fighter jets” to “help shooters of any skill level shoot better than the best shooters who ever lived,” according to their website. Because guns were apparently not quite easy enough to use. While that in itself sounds downright liquid-terror-shit-inducing, if you spotted the mention of “Linux-powered” a moment ago you’ve probably already inferred that the real danger comes not from the man holding the gun but from his technologically savvy douchebag of a neighbor.
Lee Hutchinson/ARS Technica
Complete with d-bag shades.
Security researchers and happily married couple Runa Sandvik and Michael Auger (because the couple that hacks together stays together) spent a year hacking into a pair of TrackingPoint’s $13,000 self-aiming rifles just to see what they could make them do. And the results are alarming: After compromising the rifle via its Wi-Fi connection (for those wondering why a rifle has Wi-Fi: It’s so you can stream video of your shot to Facebook, which we’re pretty sure is the Seventh Seal), the researchers were able to fiddle with variables such as wind, temperature, and the weight of the ammunition to remotely re-aim the rifle wherever they damn well pleased.
In one demonstration, they caused the rifle to miss an intended target by more than two feet by simply cranking up the ammunition’s weight value. The couple could even remotely disable the rifle’s firing pin, essentially transforming it into the world’s most expensive Metal Gear Solid cosplay accessory. One thing they could not do, thankfully, was actually fire the rifle remotely — there’s a mechanism in place requiring a manual trigger pull in order to make big gun go boom. Because, you know, safety first.
#1. A Plane Can Be Hijacked Mid-Flight (With A Laptop)
In the movies, a laptop is like an enchanted fucking talisman. With it, you have the power to make traffic signals succumb to your will. You can heftily inflate your bank account with one forceful flick of the Enter key. You can cause the commercial airliner on which you’re sitting to do a sick-ass loop and head straight back to Syracuse to retrieve your forgotten disco pants.
OK, we may have just reached the pinnacle of faux-hacking absurdity with that last one. There is no possible way you can simply whip out a laptop and remotely commandeer a commercial airliner’s flight controls … unless, that is, you’re (former) cyber-security wizard Chris Roberts. Then you can absolutely do that exact thing.
After getting enthusiastically booted from a United Airlines flight in April of 2015 for jokingly tweeting his intent to hack the plane and activate its emergency oxygen masks, Roberts’ previous discussions with the FBI regarding his concerns about the rampant hackability of commercial passenger flights came to light. In fact, an FBI search warrant details how Roberts hacked into the in-flight entertainment systems of various airplanes up to 20 times between 2011 and 2014.
If you’re thinking he just wanted to watch Pacific Rim without coughing up his credit card number, think again. You see, on certain plane models, the in-flight entertainment systems were inexplicably connected to the cabin control systems, which in turn were even more inexplicably connected to the plane avionics systems. That’s how, according to the FBI documents, Roberts was once able to issue a climb command to one of the airplane’s engines, “resulting in a lateral or sideways movement of the plane during one of these flights.” That’s right — Roberts, using a laptop from his seat in coach, was able to make the airplane fucking move.
For his part, Roberts claimed that he only ever accessed engine controls in flight simulations, not while aboard actual flying jetliners brimming with jet fuel and a hundred other passengers. But then that’s precisely what we’d expect a guy who revved up a jet engine just for laughs to say.