Watch Dogs Now Proactively Being Blamed For Traffic Sign Hacking By Apparent Pre-Crime Division

from the the-future-is-now dept

Blaming stuff is becoming something of a fad, I guess. If recent reports are to be believed, it's not all hip and whatnot to blame ghost stories for violence, video games for everything, and specifically Watch Dogs for teaching children how to hack Glenn Beck's iPad. And speaking of Watch Dogs, the game du jour, it apparently has such a target on its back these days that it's being blamed for pre-crime. Confused? Let me explain.

Earlier this week, news media in North Carolina reported that at least three highway signs there had apparently been compromised and re-worded to read “Hack by Sun Hacker.” Similar incidents were reported between May 27 and June 2, 2014 in two other states, which spotted variations on that message left by the perpetrator, (including an invitation to chat with him on Twitter).
Now, the article then goes on to note that the blame for this hack in part falls on the way the signs were set up to use SNMP, allowing for a fairly simple password hack to give the hacker control of the signage. The hacker is described as a Saudi that is essentially a tinkerer, not to be counted amongst the more nefarious types of international bad actors. The Multi-State Informational Sharing and Analysis Center report responsible for the above, however, also lets loose with this gem:
“…likely coincides with the May 27, 2014 release of the video game ‘Watch Dogs,’ in which game play revolves around ‘hacking,’ with a focus on hacking critical infrastructure-based electronic devices in particular. Watch Dogs allows players to hack electronic road signs, closed-circuit television cameras (CCTVs), street lights, cell phones and other systems. On May 27, 2014, the malicious actor posted an image of the game on his Twitter feed, demonstrating his interest in the game, and the compromise of road signs occurs during game play. CIS believes it is likely that a small percentage of Watch Dog players will experiment with compromising computers and electronic systems outside of game play, and that this activity will likely affect SSLT [state, local, tribal and territorial] government systems and Department of Transportation (DOT) systems in particular.”
If you didn't just throw up, shame on you. What the report does is take a low-level script junkie and website defacer, who was already doing these things over the course of the past couple of years, and blamed his latest prank on Watch Dogs. Then, without missing a beat, it postulates that some unknown percentage of Watch Dogs players will put their controllers down just long enough to go out and try to hack all the things themselves. It's insane on its face. I don't recall any percentage of Nintendo players seeking out lines of turtles upon which to leap, nor do I recall any number of children or adults buying up all the hedgehogs at Pet Smart and then rolling them down long and complicated loop-to-loops to see how many rings they could collect. These are the kinds of allegations that only sound like they should make sense because games have become more realistic, but that doesn't mean they actually do make sense.

And in the end, the focus should be on improving the security of the systems in question, not demonizing entertainment as a scapegoat. The attempt to shift blame is a distraction from the real story: whoever put those road signs in place couldn't manage to protect them from a prankster. That's the entire tale, period, paragraph.


Reader Comments (rss)

(Flattened / Threaded)

  •  
    icon
    That One Guy (profile), Jun 12th, 2014 @ 12:53pm

    'Where's the freakin' X button on this thing?!'

    Then, without missing a beat, it postulates that some unknown percentage of Watch Dogs players will put their controllers down just long enough to go out and try to hack all the things themselves.

    ... only to go right back to their game five minutes later, after they find out that you can't in fact take control of an ATM, camera, or security system by pushing a single button and/or completing a short mini-game on their tablet/phone.

     

    reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Jun 12th, 2014 @ 1:14pm

      Re: 'Where's the freakin' X button on this thing?!'

      Actually road signs were usually pretty easy, as they tended to use the default password. Jalopnik article with the default password listed in 2009. But I guess this is something new...

       

      reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Jun 12th, 2014 @ 1:17pm

    Back in the 90s

    Back when I was in high school someone "hacked" one of the highway signs and changed it to "Fuck you Wiecker". Weicker was governor of Connecticut at the time. He would have gotten away with it too if he hadn't gone back in and changed it to "Nice try DOT". I knew it had to be someone I knew because the way you got into this sign was by calling a phone number with a computer modem. It didn't have any password protection at all. After they changed it the first time they must have put on a trace because they got him the second time. And sure enough, it was a friend of mine from the local chat system.

    But I still contend that the game Hacker taught him how to do it. Or maybe Wargames.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Jun 12th, 2014 @ 1:33pm

    These hacks have been going on for a long time. How do they explain all the past sign hackings before Watch Dogs was released?

     

    reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Jun 12th, 2014 @ 1:44pm

      Re:

      Time travelling hacker. I blame Back to the Future.

       

      reply to this | link to this | view in chronology ]

    •  
      icon
      That One Guy (profile), Jun 12th, 2014 @ 1:47pm

      Re:

      You're assuming far more rationality than they have. After all, violence has been depicted, and often-times glorified, long before video-games ever came about, but that hasn't stopped them from blaming video-games for violence.

       

      reply to this | link to this | view in chronology ]

      •  
        identicon
        Anonymous Coward, Jun 12th, 2014 @ 1:57pm

        Re: Re:

        I wonder what they blame the conquest by the Romans on or the Medieval Crusades or Putin's adventure into the Ukraine? Yeah, must have been all those video games.

        When you put little into the belief that security is needed at all, sooner or later someone is going to try it and find out just how little it was thought of.

        There's a simple cure to all this. Try requiring security as part of the system at the start. Just because no one has thought of it today doesn't mean no one ever will. Even rudimentary security would have helped.

         

        reply to this | link to this | view in chronology ]

    •  
      icon
      PaulT (profile), Jun 13th, 2014 @ 12:27am

      Re:

      Facts don't matter in these cases. They just need to use the latest scare tactic to get viewers/readers/ad revenue.

       

      reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Jun 12th, 2014 @ 1:45pm

    If that's the only thing that happens....

    Then they're fortunate.

    Having a bunch of kids "testing" your secure systems for you and doing mostly-non-harmful stuff with them is probably the best outcome.

    The real problem is when the bad guys (who don't bother playing stupid hacking games), already know how to use them for nefarious purposes, and just haven't done so yet.

    So let's hope these harmless hacks spur government agencies into fixing the problems before worse happens.

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    Mike Masnick (profile), Jun 12th, 2014 @ 1:54pm

    They could blame LA Story

     

    reply to this | link to this | view in chronology ]

    •  
      icon
      Gwiz (profile), Jun 12th, 2014 @ 2:03pm

      Re: They could blame LA Story

      I immediately thought of that movie too.

      But, the signs in L.A. Story were changed by some sort of ethereal force or being.

      Maybe they will now combine all of this and bring us back full circle so Slender Man could be blamed for this too.

       

      reply to this | link to this | view in chronology ]

  •  
    identicon
    mcinsand, Jun 12th, 2014 @ 1:59pm

    what about FTL?

    With the new update to FTL, there is a hack subsystem for disabling a subsystem on an opponent's ship. Maybe FTL is to blame, too. I'm just sayin'.

    On a serious note, I'm still in awe over how much the developers put into this new update. I don't think I've ever seen so much new content go into a game without it being a non-free expansion pack or version. That team ROCKS!

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Jun 12th, 2014 @ 2:24pm

    Default passwords, and connected to the Internet without any encryption. The manufacturer and users of these devices are to blame if they are hacked.
    I would also suggest that the default approach for devices like road signs and cameras, especially if they cannot support encryption, is that they make the connection to their control system, rather than accepting incoming connections, or possibly only accept one incoming message, a request for them to connect to their controller.

     

    reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Jun 12th, 2014 @ 3:39pm

      Re:

      SNMP is an often misunderstood, and misused protocol... when I used to work for a company producing network management software, I was absolutely astounded at how often routers and other major infrastructure equipment was left with the default SNMP settings allowing just about anyone to view and even modify raw configuration data.

       

      reply to this | link to this | view in chronology ]

      •  
        icon
        G Thompson (profile), Jun 12th, 2014 @ 9:06pm

        Re: Re:

        I've gone past being astounded by the stupidity years ago..

        Just the other day I was at a company and had to enter a standard users account.. the password they gave me was "password2" the username I had to use? "User2"

        Have a guess what ever single password was on every user Numbers account! *eyeroll* Oh and this was a $100million a year company that deals with a LOT of sensitive information from government clients.

        I have sent a nicely worded memo to their IT dept and Senior management with the threat of outing them to the Govt dept who sends them clients, but they are basically, like a lot of people purely apathetic to any problem

         

        reply to this | link to this | view in chronology ]

        •  
          icon
          That One Guy (profile), Jun 13th, 2014 @ 1:13am

          Re: Re: Re:

          Better be careful there, that's 'extortion' or 'hacking', and obviously any problems you point out are your fault, due to you pointing them out, because reasons. /s

           

          reply to this | link to this | view in chronology ]

  •  
    icon
    Pitabred (profile), Jun 12th, 2014 @ 3:04pm

    Hackers, starring Angelina Jolie's boobs and bob haircut

    Back when I was a kid, my buddy was so inspired to try to become a hacker, because it looked so cool in the movie Hackers! So since I knew things about computers, he came to me and asked about it.

    Turns out, real hacking is boring, slow, difficult, and not at all like movies and games make it out to be. He got over his desire to be a hacker really quick, and is now a welder. I'm a programmer though... I don't think a movie or a game can change a person into a hacker. It's an innate skill and desire, and no amount of gaming will make you competent at it, nor do you need to be a gamer to have interest in it.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Jun 12th, 2014 @ 4:00pm

    Its a hack alright.

    Free advertising for Watch Dogs.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Jun 12th, 2014 @ 4:03pm

    I hear Michael Vick used to a play a ton of Pokemon games...

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    madasahatter (profile), Jun 12th, 2014 @ 4:21pm

    Reset defaults

    Every device I have seen has a default password to allow the initial setup of the device. Some enforce changing the default password to something else during the initial setup. Even if they do not require changing the defaults one should as a matter of good practice. Some of the blame goes to whoever "installed" the equipment and failed to reset the passwords.

     

    reply to this | link to this | view in chronology ]

    •  
      icon
      John Fenderson (profile), Jun 12th, 2014 @ 5:36pm

      Re: Reset defaults

      Most of the blame goes to them. Really, these signs have always had pitiful security and hacking them has been common teenage stuff for decades.

      Your point about devices forcing you to change the default password on setup is right on the money. That's fundamental good engineering: a cheap and simple thing that eliminates a stupid mistake. That signboards don't generally do this after years of experience means that the manufacturers deserve some blame for their design flaw.

      On the other hand, neither the users nor the manufacturers really care that much. The "damage" is minimal and easy to "repair". The cost/benefit analysis might support that attitude.

       

      reply to this | link to this | view in chronology ]

      •  
        identicon
        Michael, Jun 13th, 2014 @ 10:46am

        Re: Re: Reset defaults

        The "damage" is minimal

        Unless someone hacks in and puts up material under copyright. Then the damage is HUGE.

         

        reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous, Jun 12th, 2014 @ 4:52pm

    I'm gonna have to download a pirated version of this game!

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    Matthew Cline (profile), Jun 12th, 2014 @ 11:57pm

    Confused? Let me explain.
    ... No, there is too much. Let me sum up.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    relghuar, Jun 13th, 2014 @ 12:55am

    Simple hint to IT professionals

    If the difficulty of hacking into your system can be compared to the popular computer game, get out of business like real fast...

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Michael, Jun 13th, 2014 @ 6:34am

    I don't recall any percentage of Nintendo players seeking out lines of turtles upon which to leap, nor do I recall any number of children or adults buying up all the hedgehogs at Pet Smart and then rolling them down long and complicated loop-to-loops to see how many rings they could collect

    I was thwarted by the fact that my local Pet Smart doesn't sell hedgehogs, but I did find that a tree farm near me sells barrels AND lighter fluid. Does anyone know where I can find a Gorilla?

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    Aaron (profile), Jun 15th, 2014 @ 4:40am

    No results.

    I actually tried searching to see if there were any reports of Sonic being thrown down aisles (or any abuse whatsoever) and the internet has failed me. Not one result.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    tyler, Jul 20th, 2014 @ 4:43pm

    gameplay

    Game is garbage. Every thing from driving to walking. If you wanna waist money,time and gas's then get it otherwise don't. I can't wait until EB games opens tomorrow so I can bring it back!!!

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    mikel, Sep 17th, 2014 @ 8:54am

    fckn right

    These days all the younger generation are 15times smarter asset almost everything tech wiser,thus some kid's hack a sign that some old fart didn't update is most certainly watch dogs fault. I'm curious,can i blame wretch dogs for the Trojan i spent 6months learning to make through self taught programming from hours of research on a dial up connection back in 2001? Were talking windiws xp sp1 and the best we had back then was playstation one and i can't think of a single game that made me wake up and think i should hack my high school pc system.nay i made it because i want to see if i could,and i raised H3LL with it to show off my ego.and i lied like like h3ll about it when i got caught cause i didn't want to feel bad for my actions. So what?it's all about lessons learned.if we just keep banning every thing where will we be in 20yrs? I bet we will all be in cryostasis cause none of us can fck sht up that way.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Ben, Dec 18th, 2014 @ 8:37am

    Have

    The comment will aprrove

     

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
Advertisement
Essential Reading
Techdirt Deals
Techdirt Insider Chat
Advertisement
Recent Stories
Advertisement
Support Techdirt - Get Great Stuff!

Close

Email This

This feature is only available to registered users. Register or sign in to use it.