PDA

View Full Version : Remote Car Hacking Is Now a Reality



allodial
11-11-15, 03:28 AM
Remote Car Hacking Is Now a Reality
By Doug Newcomb
July 24, 2015 A pair of security experts take control of a vehicle from a computer miles away to prove a point.
3197
http://www4.pcmag.com/media/images/472675-2015-jeep-cherokee.jpg
Until now, car hacking demos were done only while security researchers were hard-wired into a vehicle's electrical system. There was just one documented real-world case of remote car hacking in 2010, but that was an inside job by a disgruntled car dealer employee, who bricked over 100 vehicles by taking advantage of technology designed to allow remote repossession.

OpinionsBut earlier this week, two security researchers who have made exposing connected car vulnerabilities somewhat of a crusade showed in dramatic and somewhat dangerous fashion how they were able to remotely disable critical systems of a 2014 Jeep Cherokee while the vehicle was on a St. Louis highway. Charlie Miller, a security researcher at Twitter, and Chris Valasek, director of vehicle security research at IOActive, made headlines two years ago by showing how they could honk the horn, cinch the seat belts, kill the brakes, and control the steering wheel of a Ford Escape and Toyota Prius from the backseat using laptops and a physical connection to the vehicles.

Their follow-up, once again with writer Andy Greenberg at the wheel, was intended to scare car companies and car owners by proving that vehicles can be remotely hacked to cause havoc on the highway. While sitting in Miller's basement miles away, the pair used a security vulnerability in the vehicle's Uconnect infotainment system to blast the AC, tune to a hip-hop radio station and crank the stereo system, turn on the windshield wiper and washer, and post a snarky picture on the in-dash display of themselves in matching track suits.

To drive home their point about the vulnerabilities of modern connected cars, they disabled the transmission, causing the Jeep to lose acceleration on the highway, with a semi bearing down on it. Later, in a parking lot, they also deactivated the Jeep's brakes, causing it to slide into a ditch with Greenberg at the wheel.

(source/more (http://www.pcmag.com/article2/0,2817,2488345,00.asp))


In a broad-reaching report by 60 Minutes about DARPA and the Internet of Things, the Department of Defense has shown that it can hack General Motors' OnStar system to remote control a last-gen Chevrolet Impala. (more (http://www.theguardian.com/technology/2015/aug/12/hack-car-brakes-sms-text))

Related:

Remote Car Hacking Is Now a Reality (http://www.pcmag.com/article2/0,2817,2488345,00.asp)
Full Remote Control Of ALL Modern U.S. Market Cars (http://jimstonefreelance.com/carhack.html)
Hackers Were Able to Remotely Control A Jeep Cherokee's Radio and Even Turn Off the Transmission (http://www.businessinsider.com/researchers-show-the-ability-to-remotely-hack-and-control-a-car-2015-7)
Experimental Security Analysis of a Modern Automobile (http://www.autosec.org/pubs/cars-oakland2010.pdf) (PDF--16 pages) (alternative link (http://jimstonefreelance.com/carhack.pdf))
Security Researchers Hack A Car and Apply the Brakes Via Text (http://www.theguardian.com/technology/2015/aug/12/hack-car-brakes-sms-text)
DARPA Hacks GM's OnStar To Remote Control A Chevrolet Impala (http://jalopnik.com/darpa-hacks-gms-onstar-to-remote-control-a-chevrolet-i-1684593523)
Hackers Discover A Way to Hack Into Your Car's Remote Control App (http://www.ubergizmo.com/2011/07/hackers-discover-a-way-to-hack-into-your-cars-remote-control-app/) (ubergizmo.com)