How hackers could slam on your car's brakes

Disclaimer: Links on this page pointing to Amazon, eBay and other sites may include affiliate code. If you click them and make a purchase, we may earn a small commission.

stephygee

Just Steph
Joined
Feb 3, 2011
Posts
171
Reaction score
55
Location
Erbil/South Los Angeles, CA
Interesting read.

How hackers could slam on your car's brakes


The Cybercrime Economy
How hackers could slam on your car's brakes
By Erica Fink @EricaFink August 1, 2014: 10:38 AM ET

Hackers control car's steering and brakes


NEW YORK (CNNMoney)
Modern cars are increasingly controlled by computers. And where there are computers, there are hackers.

A report shared exclusively with CNNMoney shows that the 2014 Jeep Cherokee, 2015 Cadillac Escalade and 2014 Toyota Prius were the most 'hackable' of 20 car models reviewed by automotive security researchers. The 2014 Dodge Viper and 2014 Audi A8 were the least hackable.

Security researchers Charlie Miller and Chris Valasek did their analysis by looking at the technical configurations of different models; they did not actually remotely hack any of the cars in the report.

Miller and Valasek say their goal was to show which vehicles would most tempt hackers, and to encourage the auto industry to make changes.

According to the report, both the 2014 Jeep Cherokee and the 2015 Escalade have an inherent security flaw: The cars' apps, Bluetooth and telematics -- which connects the car to a cellular network like OnStar -- are on the same network as the engine controls, steering, brakes and tire pressure monitor system.

In the 2014 Prius, the AM/FM/XM radio and Bluetooth are on the same network as the steering, brakes and tire pressure monitor.

The problem: A car's networked systems could become a gateway for hackers. If critical functions like steering are on the same network as features that connect the car to the Internet, that can put the vehicle at risk, Miller and Valasek say.

car hacking distance

140731084536-car-hacking-distance-620xa.jpg


A flaw in any of those Internet-connected features could put a hacker only a step away from communicating with the features directly controlling the driver's safety.


Let's say a driver accidentally downloaded a virus onto his phone and connected it to his car via Bluetooth. If the car's Bluetooth is running on the same network as the brakes, hackers could potentially make the car come to a screeching halt.

"Once they have code running on the Bluetooth computer [in your car], they can then do things like send out messages to tell the other components of the car to do stuff, like engage the brakes," Miller said.

Some cars were deemed to be less hackable than others. The Audi A8's computers that control its high-tech features (like adaptive cruise control and active lane assist) are on different networks than its wireless communications. The Dodge Viper was among the least vulnerable of those tested because it has fewer computer-driven functions -- its main sales point is speed.


In a statement, Jeep manufacturer Chrysler responded, "Our vehicles are equipped with security systems that help minimize the risk from real-world threats...Chrysler Group will endeavor to verify these claims and, if warranted, we will remediate them."

Chrysler added that they invite Miller and Valasek to share their findings with the company first so that they can find a solution together.

Spokesmen for Cadillac said "the report does not mention many new security features and mechanisms installed in the Escalade, and its description of the vehicle's electronic system is not fully accurate."

Cadillac's statement emphasized that Miller and Valasek's report used publicly available data, while the company's vehicles were also equipped with elements "that are private and not accessible to researchers (or thieves)."

Toyota (TM) did not immediately respond to a request for comment.

Despite the car's potential vulnerabilities, the researchers admit that the tradeoff may be well worth it.

"An iPhone is way more hackable than a cell phone from the 1980s," Miller said. "However, I'd still rather have an iPhone than an ancient cell phone. The same is true with the cars, for the most part."
 

vp46

Member
Joined
Jun 29, 2014
Posts
83
Reaction score
1
Location
norcal
FWIW I know for a fact that GM is specifically aware of the potential to hack systems and is expressing the appropriate amount of concern. I don't know anything more than the fact they have been aware for several years... (i'd tell you how I know but then I'd have to kill you with my James Bond moves ;0) )

I'm FAR more concerned about the stupid seat clunk my '15 SLT seems to have contracted!
 

livingez_123

Full Access Member
Joined
Feb 18, 2013
Posts
1,798
Reaction score
112
Location
Sandy, OR
I'm glad I will never have to find out, as I will never own a car with electric steering, or any of the brake assist systems. I like to drive the old fashion way and feel the road and have total control over my braking.
 

PeteKT

Member
Joined
Jan 18, 2013
Posts
43
Reaction score
0
Thats why you get an iPhone (no virus) and never activate Onstar, i dont need them knowing my business anyways, ive owned 5 differnt GM, Cadi and Chevy trucks, never once have i activated onstar on them
 
OP
OP
stephygee

stephygee

Just Steph
Joined
Feb 3, 2011
Posts
171
Reaction score
55
Location
Erbil/South Los Angeles, CA
iPhones are some of the easiest "smart" phones to crack. If you want security, go with Blackberry. Arcane and the minuscule buttons drive you mad, but....it's more secure than an iPhone.
 

Forum statistics

Threads
132,082
Posts
1,862,047
Members
96,543
Latest member
nicbop03

Latest posts

Top