How would you react if your vehicle was suddenly hacked into, and you lost all control of its brakes, engine and steering? Sounds scary, right? Well, that’s exactly what two researchers managed to do in the US.
WIRED’s Andy Greenberg was in his 2014 Jeep Cherokee, and in a pre-planned programme, two security researchers managed to take over the controls of the vehicle, remotely.
They started off with the air-conditioning, turning it to full blast, then the stereo, up to full volume, the windshield wipers, to full speed and turning on the wiper fluid too. As the wiper fluid blurred the glass, Greenberg began to get anxious. The hackers even a posted a picture of themselves on the car’s display.
Next up, they disconnected the engine from the drivetrain and essentially put the car into neutral. As Greenberg slowed down perilously on the highway, he started panicking, and he finally had to turn the ignition off and on again to reengage the drive. He miraculously avoided getting rear-ended by a semi-trailer, and eventually came to a safe stop on an operational freeway on-ramp.
This hacking technique is a zero-day exploit can target vehicles such as the Jeep Cherokee through its Uconnect system, completely wirelessly. Their code is a nightmare scenario, as the software can infiltrate the vehicle’s entertainment system to access its dashboard functions, steering, brakes and transmission – all from a laptop that could be anywhere in the country.
Surprisingly, the two security researchers cum hackers, Charlie Miller and Chris Valasek, were doing the hacking from Miller’s basement at home. Their hack can also enable surveillance by targeting the Jeep’s GPS coordinates, calculate its speed and drop pins on a map to trace its route.
Chrysler, like most manufacturers, has a feature called Uconnect, which essentially turns a modern automobile into a smartphone. Therefore, due to a vulnerability in the system that Miller and Valasek will reveal at an upcoming Black Hat conference, any hacker can identify the vehicle’s IP address from anywhere in the country.
Miller and Valasek are able to rewrite a chip in the vehicle’s head unit, within the entertainment system, by stealthily overwriting the chip’s firmware to plant their sinister code. Scarily, the firmware can then send commands to the car’s internal computer network. The researchers believe all Uconnect vehicles from late 2013 onwards are vulnerable to this hack.
Thankfully, both Miller and Valasek have been sharing their research with Chrysler for nearly nine months, enabling Chrysler to release a patch for about 471,000 susceptible cars, all fitted with Uconnect, ahead of the Black Hat conference. Fiat Chrysler Automobile (FCA) were notified of the patch on July 16, and owners will have to manually implement it via a USB stick.
So it’s all safe for now, but it does give us a glimpse into how increased automation can actually be quite dangerous if it’s exploited by sinister individuals who are hell-bent on wreaking havoc on the masses.
Do have a look at the video above for a great insight into this hacking exploit.
Looking to sell your car? Sell it with Carro.
This is an awareness to all car makers.
fully imported cars from outside asean region are subjected to import tax as well on top of custom excise duties and GST. for cars more than 3000cc, the total is something like 193%.
Get this foreign car, your car maybe down due to hacker problem.
Get a Proton, your car SURE down due to its ‘awesome’ build quality.
That’s why you see people prefer Toyota. You can’t go wrong with sushi cars.
Get this foreign car, your car maybe down due to hacker problem.
Get a Proton, your car SURE down due to its ‘awesome’ build quality.
The first two statement maybe true (but not 100%), but another SURE TRUE statement is,
Get a UMW Toyota jamban junks, your car and your life SURE very dangerous due to its ‘awesome’ safety features that is good to none (over RM100k, even RM150k junk cars NOT equipped with VSC that supposely COMPULSARY, NOT OPTIONAL).
That’s why now you see many people choose Honda and even Nissan (if still want sushi cars).
Where those basher who poked preve key slot?
This is the thing, when you dun have to insert anything to start the engine, anybody can bypass your key and control your car wirelessly and remotely.
I’ve said before about how modern cars are becoming more electronics and smarter. These possibilities are one of the concerns with hi tech cars.
As a person, our knowledge on technologies should go beyond simply know how to use them, but how to work around and over them when things go wrong or out of control.
anyone remember fast n furious 6 in london? all the modern day cars went kaput after its electronics hacked while american muscle cars kept going on.
Mark my words…we will soon need to install Kaspersky into our vehicles.
Just add a button to disable the features, when you’re driving.
this is the problem of too much tech inside a car…!!!
Just put the neccessary thing is enuff..!!!
There is no enough in advancement of technology. Just fix and improve.
The first thought that crossed my mind was how the entertainment system should be separated from the vehicle control systems. Then I remembered there are certain premium driver aids that are able to use GPS navigation to adjust the dampers and transmission gear selection to smoothen the ride as much as possible with the right gear and suspension settings. Then there’s autonomous driving. As car companies move progressively towards autonomous driving, vulnerabilities like this will just multiply as the degree of integration between the car’s different components increase. I doubt car companies ever thought of having security for their vehicle control system a few years ago, so security would definitely be lax in this department.
How things have changed…
A very user friendly cars turn into very hacker friendly cars. hahaha
and yet almost every car maker is pushing towards full automation nowadays. i just can’t imagine what kind of disaster it will be once it is 100% implemented in every place.
bet they cant hack a proton iswara.
try hacking into my kancil and saga blm okeh hahaha