An associate professor at the Hiroshima City University’s Graduate School of Information Sciences has managed to hack into a 2013 Toyota Corolla Fielder Hybrid and control certain functions of the car remotely, exposing a potential security flaw in vehicles connected to the Internet, according to Kyodo News.
Hiroyuki Inoue managed to open and close the windows, manipulate the speedometer to show an incorrect reading and disable the accelerator all through a smartphone and a WiFi device constructed from 10,000 yen (RM350) worth of commercially-available parts, the latter plugged into the car’s OBD-II diagnostics port.
This gave him access to unencrypted data inside the car’s computer, which controls engine, braking and other functions, although he still was not able to start the engine or turn the steering wheel. Despite this, Inoue was able to move the speedometer to the maximum 180 km/h mark even when the car was stationary, and employed a distributed denial of service (DDoS) attack to paralyse the car, making it unable to move.
And while Inoue said that cars with no Internet access cannot be hacked through this method, he warned that as manufacturers are equipping vehicles with Internet connectivity for features such as autonomous driving, future cars could be made vulnerable to the exploit. The details of the experiment was shared at a symposium on cyber security in Okinawa this week.
“Important [data] communication was in full view from outside. Other cars could also be subject to hacking in the same way,” Inoue said, adding that the data communication in cars needs to be encrypted, and steps have to be taken to protect systems from unauthorised external access.
A Japan Automobile Manufacturers Association (JAMA) official said that the industry will cooperate with the government on solving this issue, while Toyota has said that it will continue to work on enhancing protection on information security.
Looking to sell your car? Sell it with Carro.
Scary. Hope the lessons learned here would be used to make the connected car safer in future. Progress is indeed a double-edged sword.
samLoo got any comments on this ?
T car less safety , now being the least.
Watchdog 2 confirmed, and it will be in japan.
How I describe technology: 1 step forward 2 steps back. Progress is good but there’s always the consequences. Learn not to over-relying on tech. Good thing is I grow up with analogue cars without modern gizmos.
A flaw? If the obd port can be accessed that easily in the first place, all the manufacturer needs to do is to beef up the alarm system. Besides, I’m guessing the wireless is 802.11, range should be rather short.
It’s only when they can hack into the car ecu via the internet, then that would be dangerous and a real threat. Diagnosis and mapping system that transmit data through gsm network to and from the manufacturer would be the gateway.
This is the reason why the Vios makes perfect sense. No need all high tech stuffs, just buy and drive. The car will serve you for years and when you sell, you are going to get back good RV!
bodo asal ko muncul RV je kw tau hahahaha..ko ingat semua org nak jual balik ke kereta dorg balik? mungkin la..mnatau toyotaik ni mmg menghampakan dorg? kankankan?..lepastu dpt “good RV” dorg beli la pula secondhand honda, mitsu atau proton kot? siapa tahu kan
Physical access to obd2 cannot be legitly called “hack”.