CIA Memo Lists QNX As Potential Hack Target

The desire for privacy has never been greater after the recent WikiLeaks release that the CIA could possibly hack automotive software -- naming BlackBerry QNX OS-based platforms as potential targets.

The aim is allegedly to be able to activate the devices' microphones and cameras to spy on enemies. Vehicles could be a rich target of opportunity for enemies because millions of cars could be hijacked at once due to a common internet connection. For example, QNX alone is used in over 60 Million vehicles worldwide. Though this isn't the first time BlackBerry's been brought into the spotlight over vehicles with QNX related systems. Recall in 2015, where researchers were able to remotely hack a Jeep Cherokee via its infotainment system and take control of vital systems like the steering and accelerator. The hack prompted Fiat-Chrysler to initiate the first ever hacking-relating recall of approximately 1.4 million vehicles. BlackBerry responded quickly then too, debunking rumours of hacks; since QNX wasn't related to the system that was breached and manipulated.

The report published on Bloomberg last week reports that CIA meeting notes mention QNX as one of many potential mission areas for the organization’s Embedded Devices Branch. The exact same branch worked with U.K. spy agencies to break into Android systems, iOS systems and smart TVs. The report, dated Oct. 23, 2014, said the company hadn’t yet been addressed by the branch. In other words; it's unclear if the CIA ever actually attempted to hack or successfully hacked a QNX system.

In a statement from BlackBerry,

" ... we are not currently aware of any attacks or exploits against BlackBerry products or services, including QNX. Still, the news is a bit frightening, now that we are in the semi-autonomous driving age and evolving towards fully self-driving cars. The notion that someday a car could be hacked and used to carry out a nearly undetectable assassination doesn’t seem all that far-fetched." - Marty Beard, BlackBerry COO

BlackBerry claims to provide customers with a piece of mind by reassuring us that its multi-level cyber security is able to survive threats by creating a rootless system. A good example is if you imagine traditional security systems represented by a single lock on the front door of the house. Once this lock is broken, the intruder has full control inside the home. But if you set up multiple traps all over the house with unique locks protecting each room, the threat levels diminish as more time and resources are required to gain advantage. BlackBerry Chief Operating Officer Marty Beard, notes that with the QNX OS model, no single process is running as root. Cyber-attacks occur because the OS is manipulated to think the user is a root user, allowing them full access.

Beard also claims that the QNX Software Development Platform SDP 7.0 incorporates BlackBerry's best-in-class security technology. It will be certified to ISO 26262 ASIL D – the highest safety delegation possible for a vehicle. Automakers can tap into BlackBerry’s security expertise and make use of BlackBerry QNX, to ensure that a car can’t be hacked and turned into a weapon. Learn more about this ideal solution during a Free Webinar hosted by QNX | Register Here

Hacking can be just like a Chess game between organizations; and in this new age of technology there's one clear goal for BlackBerry: SECURITY.

Let’s Play.
 

Thanks for Checking Out My First Article On BlackBerryCentral! Drop Me A Comment With Your Thoughts!