My Cat Has A Computer Virus!?!
March 16, 2006 | 2 Comments
In a white paper released by the University of Amsterdam and promoted on RFIDVirus.org, an explanation of how RFID is actually vulnerable (in many cases) to simple SQL injection attacks.
How does this apply to your cat (or other pet for that matter)? Well, many veterinarians and the humane society now implant RFID chips in pets to help identify and match strays up with their original owners.
Their research group has developed a proof of concept following this basic scenario:
prankster decides to unwittingly enlist his cat in the fun. The cat has a subdermal pet ID tag, which the attacker rewrites with a virus using commercially available equipment. He then goes to a veterinarian (or the ASPCA), claims it is stray cat and asks for a cat scan. Bingo! The database is infected. Since the vet (or ASPCA) uses this database when creating tags for newly-tagged animals, these new tags can also be infected. When they are later scanned for whatever reason, that database is infected, and so on. Unlike a biological virus, which jumps from animal to animal, an RFID virus spread this way jumps from animal to database to animal. The same transmission mechanism that applies to pets also applies to RFID-tagged livestock.
Hopefully if this gets enough press, wide scale deployment of RFID can be further delayed.
Tags: cat, cats, privacy, RFID, rfid virus, university of amsterdam, virus