Ex-employee accused of remotely disabling 100 cars
An auto center employee, having been laid off, allegedly hacks into a Web-based vehicle-immobilization system and interferes with more than 100 cars sold by the dealership.
What's remarkable about auto dealers is that they're not merely untrustworthy, but many of them are rather untrusting.
It seems that some sell their cars equipped with Web-based vehicle immobilization systems, just in case the buyer begins to falter on his or her payments.
Imagine the scene, then, in Austin, Texas, when cars suddenly wouldn't start or their horns would blare nonstop for hours. Did anyone imagine that a mass vehicle-immobilization attack was in progress? Probably not. More likely they imagined that some attendees of SXSW had found yet another way to prove to the world just how zanily amusing they are.
However, according to Wired, Wednesday police arrested 20-year-old Omar Ramos-Lopez, whom they accused of having technical abilities that were put to resentful use.
Ramos-Lopez was laid off from the Texas Auto Center and, strangely all the cars that seemed to have suffered a dysfunction had originally been sold at one of the Auto Centers four dealerships.
The Auto Center seems to have enjoyed a black box system, the size of a deck of cards, called Webtech Plus. The company that operates the system, Pay Technologies (Payteck), declares on its Web site that "with PayTeck, the vehicle is automatically shut down if payment is delinquent. This gives you, the dealer, the element of control you have lacked in the past."
Unless, that is, someone is clever enough to tamper with its digital innards.
The dealership said that more than 100 of its customers reported either a disabled car or hideously honking horn. So it reset the passwords for all of its employees' accounts. A police affidavit reportedly claimed that, having looked at access logs, the police traced the wicked behavior to Ramos-Lopez's AT&T Internet service.
Ramos-Lopez is accused of getting into the system by using another employee's account. Jim Krueger of Pay Technologies told Wired: "He had retained a password, and what happened was he went in and created a little bit of havoc."
I can't help but wonder who is really causing the havoc here. In times when people are strapped for cash, in many cases where the fault is that of some bumptious, Bentley-driving bailed-out banker from Connecticut, is it really necessary to humiliate someone who has fallen behind on their payments by making their horn honk louder than a pig with hay fever?
Is this another instance of technology offering excess control of another's life? Or is it a fine way to protect one's assets?
How soon before some gizmo forces bank debtors to sneeze uncontrollably until they pay off their overdraft?