12th Aug 2014
CNNMoney recently reported on the disturbing news that hackers could slam on your car’s brakes, while you’re driving! In their investigation, CNNMoney found that certain cars are more “hackable” than others. Security researchers Charlie Miller and Chris Valasek conducted an analysis of a variety of technical specifications on different models of cars. While they were able to manually hack cars in their investigation, they did not remotely hack any automobiles. Remotely hacking cars isn’t out of the realm of possibility though, and they give plenty of reasons why.
Security Flaws in Different Makes and Models
Perhaps not surprisingly, a key security flaw for both the 2014 Jeep Cherokee and the 2015 Cadillac Escalade can be found in the car’s Bluetooh and telematics’ apps. These applications are responsible with connecting the automobiles to networks like OnStar. Unfortunately, they are on the same network as the car’s engine controls, steering, brakes and tire pressure monitoring systems. The 2014 Prius’ AM, FM, XM radio and Bluetooth are all on the same network as the steering, brakes and tire pressure monitoring systems. Is this an egregious oversight or simply a design flaw? How are all of these seemingly simple innocuous electronic systems grouped into the same network as the steering and brakes?
Bluetooth and Your Steering Wheel
The article is quick to point out that drivers could unintentionally download a virus on their phone and then send that virus to the car’s computer system via Bluetooth. Now, a virus could easily compromise your car’s steering, engine controls, brakes and tire pressure monitoring system. In the experiments, Miller and Valasek manually hack into steering and brake systems, and the results are alarming. While one of them does the driving, the other does the hacking. It doesn’t take long for the steering wheel to be jerked out of a driver’s hand, or for the hacker to slam on the brakes without warning.
Improving Vehicle Technology Security
Although there are safeguards put into place, like speed limits regarding when the car’s computer can over-ride the brakes or steering system, their incredibly basic and easily hacked by Miller and Valasek. They are hoping that by shedding light on these vulnerabilities, car manufacturers may be able to improve upon current technology to make these vehicle systems much more secure for drivers.