- Casey Hamm
- July 28, 2015
It doesn’t sound completely out of this world…
We’ve seen it in the movies, haven’t we?
And we can literally take over the world from our smart phones and laptops ….
Okay so maybe not take over the world…close to it though!
So what’s so scary about a remote controlled car?
In an article published Tuesday, Wired magazine reports on how it engaged two hackers to see if they could take control of a Jeep Cherokee from the comfort of their living room while writer Andy Greenberg sat nervously at the wheel while the SUV cruised the highway at 70 mph…
And boy did they do it… (If you haven’t seen the nerve racking video, check it out HERE)
The video shows the two security experts, Charlie Miller and Chris Valasek, accessing the Jeep’s computer brain through its Uconnect infotainment system and rewiring the firmware to plant their “controlling” code.
Once in, the duo began blasting hip-hop through the stereo system, turned the AC to maximum and, ultimately, killed the transmission and brakes…
In the middle of dangerously busy highway in St. Louis.
Wow… thanks “friends of mine.”
Greenberg was unharmed in the demonstration (whew… maybe it was too scary to watch the whole video above so we wanted to let you know).
Yeah we were thinking the same thing – This is all fun and exciting as we grow in a world of infinite possibilities especially on the road but what about the not so exciting but rather terrifying prospect of unwanted hackers once again?
If the frequent attacks on myriad retail and financial institutions tell us anything, it’s that there isn’t a digitally connected network that is completely safe from hackers…
And while it’s one thing to have to change credit cards due to a breach, it’s another to be trapped in a speeding hunk of metal when the crippling intrusion happens…
Yeah that thought made our hearts stop for a second too… but the video above proves, all too clearly that the reality for the hack is there.
Miller and Valasek, who have been exploring the automobile’s growing digital vulnerabilities for a number of years, plan to report most of the details of the hack at Black Hat, the security conference that begins in Las Vegas Aug. 1.
Don’t worry though – the two masterminds will leave out enough key elements so other hackers won’t be able to replicate their mischief… We hope…
Simultaneously , at a recent Senate Commerce Committee hearing on the Internet of Things, senators Richard Blumenthal (D-Conn.) and Edward J. Markey (D-Mass.) announced legislation that would direct the National Highway Traffic Safety Administration and the Federal Trade Commission to establish federal standards to secure our cars and protect drivers’ privacy.
Most automakers today offer infotainment systems that leverage a driver’s smartphone to connect to the Internet. The idea is to offer consumers easy access to their favorite apps and services while driving, but the feature it turn opens the digital doors to hackers seeking access to the automobile’s controls.
Ooops…Here’s what the Wired story had to say…
“Wired‘s story, titled “Hackers Remotely Kill a Jeep on the Highway – With Me In It,” notes that Miller and Valasek have been sharing their information with Jeep-maker Chrysler (part of the Fiat Chrysler Automobiles group) for nine months. The hackers say the models vulnerable to their software bug are all Chrysler models with Uconnect from late 2013 to early 2015. That collaboration led to a July 16 memo to owners from Chrysler noting that a patch was available to help protect the vehicles from attack; it has to be downloaded via a USB stick or by a dealer.
Chrysler told Wired that while they “appreciate” the security pros’ assistance, they were less enthusiastic about them lecturing about many of the hack’s nuances at the upcoming Black Hat gathering. “Under no circumstances does FCA condone or believe it’s appropriate to disclose ‘how-to information’ that would potentially encourage, or help enable hackers to gain unauthorized and unlawful access to vehicle systems,” Chrysler’s statement reads.
One immediate fix involves automakers thinking more like software makers: offer over-the-air updates to operating systems in response to vulnerabilities. Ford and BMW both recently took this route to correct glitches in their systems in the past months.
After quoting an Internet of Things security expert saying that he hopes automakers will become enlightened to the security threats facing connected cars “in the next three to five years,” writer Greenberg offers a literary shudder.
“As I drove the Jeep back toward Miller’s house from downtown St. Louis, however, the notion of car hacking hardly seemed like a threat that will wait three to five years to emerge. In fact, it seemed more like a matter of seconds; I felt the vehicle’s vulnerability, the nagging possibility that Miller and Valasek could cut the puppet’s strings again at any time,” he writes.”
Get Your Free Case Evaluation