Recently we reported that some security researchers managed to hack into the Jeep’s onboard entertainment system to remotely take over the vehicle’s control, eventually crashed it.
Now researchers have managed to hack and gain access to the self-aiming sniper rifle’s computer system.
We know that sniper rifle itself is non-vulnerable and can never be hacked but adding a computer and providing it an access to the Internet connection will make nearly anything vulnerable to hacking.
The Sniper Rifle and Its Working
The sniper rifle is manufactured by Tracking Point having a model number TP750. It is a 750 series precision-guided sniper firearms powered by Linux-based computers which make use of the advanced technologies to help the shooter to lock onto their target while enabling them to shoot targets that are considered beyond human capability, even if the target is at extreme distances.
“A Precision-Guided Firearm incorporates the same tracking and fire-control capabilities found in advanced fighter jets”
The cutting-edge technologies being used by this sniper rifle to ensure precision includes TriggerLink, which connects the tracking optic with a guided trigger; Tag-and-Shoot feature allows you to mark an exact target impact point; and then comes the tracking system that guides the trigger.
With this self-aiming sniper rifle, shooting your target with precision has become so easy that any average shooter can go out and make 1000 yards shots.
Using this high-tech firearm, all the shooter have to do is press the tag button to mark the target, align the scope to the mark and then hold the trigger, leaving the rest onto the built-in computer based automated precision-guided ‘fire control’ system of the sniper rifle.
The scope allows the shooter to key in the variables like temperature, wind as well as the weight of the ammunition being used.
The fire control system used in this rifle is basically a computer that guides the release of the shot by virtually eliminating all the human errors that are caused by mistiming, misaiming and most importantly the jitter generated by the central nervous system.
Now that fire control system, connected to the Internet, built into the sniper rifle calls for the vulnerability. And according to my speculations, the vulnerability lies within the software that controls the weapon’s TriggerLink system.
As discussed above, this firearm uses the TriggerLink technology along with the guided trigger which ensures that the round is released at the accurate moment. So even if the trigger is pressed, the round will not be released until the shooter perfectly aligns the barrel with the tagged point.
According to the security researchers, Runa Sandvik and Michael Auger, they have managed to hack a couple of TrackingPoint self-aiming sniper rifles.
If what Andy Greenberg of WIRED said turned out to be true, the vulnerabilities found out by the security researchers will allow the hacker to alter the calculations made by scope, making the rifle mysteriously miss the target. The hacker can also permanently disable the rifle’s computer system and even inhibit the weapon from firing any shot at all.
The researchers, Sandvik and Auger also found out that there is a series of vulnerabilities in the weapon’s software which could be used to take control over its self-aiming functionality.
“The researchers were able to dial in their changes to the scope’s targeting system so precisely that they could cause a bullet to hit a bullseye of the hacker’s choosing rather than the one chosen by the shooter.”
The very first vulnerability is an access to the Wi-Fi connection, a rifle’s feature allowing the shooter to stream a live video directly from the scope to a computer or tablet located within its range. If the Wi-Fi is enabled then anyone within the range would be allowed to connect. And if any hacker is able to connect to the weapon, he will then be able to change the variables like temperature, wind and weight of the ammunition.
While playing with the hacked rifle’s software, both researchers found out that hacker can alter the weight to whatever number they want. For instance, lowering the ammunition weight (even entering negative values) will shoot the ammo to the right side whereas increasing the ammunition weight will force the weapon to shoot the ammo to the left-hand side.
The guys over at WIRED got in touch with John McHale, the founder of TrackingPoint, who said that he appreciates the researcher’s efforts and also invites them to work with the company to help them patch the software vulnerabilities and also develop a better software for their future products.
He also added that once these vulnerabilities are patched, the company will send the updated version of the software via mail to their customers.
“The shooter’s got to pull the rifle’s trigger, and the shooter is responsible for making sure it’s pointed in a safe direction. It’s my responsibility to make sure my scope is pointed where my gun is pointing,” McHale said while further arguing. “The fundamentals of shooting don’t change even if the gun is hacked.”
Since the TrackingPoint has only sold around a thousand rifles while the hacking attempt can be made if both, the hacker and rifle is in a close range, making it doubtful that anyone will be victimized by this vulnerability attack.
Runa Sandvik, one of the security researcher and a former developer of Tor anonymity software said:
“There are so many things with the Internet attached to them: cars, fridges, coffee machines, and now guns. There’s a message here for TrackingPoint and other companies…when you put technology on items that haven’t had it before, you run into security challenges you haven’t thought about before.”
Let’s see what these two security researchers have planned to reveal about this Tracking Point’s sniper rifle at the Black Hat conference which is scheduled for August 12th.
Report typos and corrections to email@example.com