Uncategorized PDQ’s Smart Car Wash Vulnerabilities Can Injure Humans and...

PDQ’s Smart Car Wash Vulnerabilities Can Injure Humans and Cars Alike – The Merkle

-

- Advertisment -

Making electronics “smarter” does not necessarily mean they are protected from external threats. In fact, smart devices are often even more prone to cyber attacks due to their constant connection to the Internet. A recent experiment involving smart car wash equipment revealed how several key flaws could be used to cause physical injuries to both cars and people. It appears the smart car wash solutions from U.S.-based PDQ are the main culprit.

Smart Car Wash Security Flaws are Problematic

Most people look at the car wash in the same way they have done for decades now. The entire process has been automated for quite some time, though there may now be software powering the entire experience. PDQ, a well-known U.S.-based vendor of Internet-connected car wash equipment, has been making some bad headlines of late.

Two security researchers have uncovered how car wash equipment contains multiple vulnerabilities. If these loopholes were to be exploited by people with malicious intents, they could cause damage to cars or physical harm to passengers and employees. That is not something a smart car wash vendor wants to be associated with. Even though these flaws have existed since January 2015, PDQ has not taken the necessary steps to patch the weaknesses. That is absolutely unacceptable.

Making matters worse is that the affected PDQ products are not just sold in the U.S., but rather on a global scale. Their LaserWash, LaserJet, and ProTouch equipment all contain these same vulnerabilities, which can have disastrous effects. The complex multi-component devices have built-in web servers which allow employees and car wash operators to manage them remotely. In this day and age, that makes a lot of sense. However, manufacturers also must take the necessary steps to protect these servers from nefarious activity, which does not appear to be the case with PDQ.

According to the researchers who disclosed these vulnerabilities back in 2015, the equipment’s login procedure has an authentication method which can be bypassed with ease. Once this occurred, they were given full access to the hardware’s control panel. This panel gives users full access to diagnostics, the setup of individual parts, and also the ability to cause damage to both cars and humans alike. PDQ decided to ignore this research for more than two years.

The researchers continued experimenting with the flaw they discovered in order to see what kind of damage could be done. They have since developed a few exploits which could have grave consequences, including the option to disable security sensors and alter hardware behavior. For example, it is possible to close the car wash’s doors when a car or person comes through. Additionally, the washing arms can be modified to hit cars and trap people in their cars for extended periods of time. All it would take is an automated script to put the well-being of one’s vehicle or oneself in danger.

Thankfully, PDQ has finally acknowledged these problems and promised they will fix the issues. This only occurred after the Industrial Control Systems Cyber Emergency Response Team issued a nationwide alert about this vendor’s equipment. Flaws like these should never be allowed to remain active for as long as they were in this case, especially after receiving proper documentation from researchers on the potential outcomes. PDQ certainly dropped the ball here.

Source link

Latest news

Make Fast and Secure Trades Using Bitengo.io

Bitengo.io is a Cryptocurrency trading platform that allows users to buy and sell their Cryptocurrency in a...

Network Security Using Cryptography: Everything you need to know

This article will describe what is Network Security Using Cryptography and everything you need to know before...

Mercuriex Cryptocurrency Exchange Launches New Utility Token, SURF

MercuriEx Cryptocurrency Exchange, originally developed in 2017, came under new ownership in December 2019. Since taking over the exchange,...

Fungibility: Bitcoin Mixers Favorite Term That No One Understands

Fungibility, perhaps the most important concept when dealing with a decentralized and anonymous currency, but does bitcoin...
- Advertisement -PDQ’s Smart Car Wash Vulnerabilities Can Injure Humans and Cars Alike – The Merkle

Crypto can’t thrive in the real world – but stablecoins can

We can safely say that the hype about cryptocurrencies is pretty much over. The claims of Bitcoin...

How to double your crypto

Most of us have a small gambler deep inside our souls. We love to feel the thrill...

Must read

Make Fast and Secure Trades Using Bitengo.io

Bitengo.io is a Cryptocurrency trading platform that...
- Advertisement -PDQ’s Smart Car Wash Vulnerabilities Can Injure Humans and Cars Alike – The MerklePDQ’s Smart Car Wash Vulnerabilities Can Injure Humans and Cars Alike – The Merkle

You might also likeRELATED
Recommended to you