Vulnerability Focus: Hacking with Cars

Created On 09/25/18 19:22 PM - Last Modified 07/19/22 23:11 PM


Resolution



 

In the past, researchers have demonstrated that they could take control of a car's basic functions, such as steering, gas, brakes, windows, and radio. At that time, however, the only way to attack the car's systems was through a wired connection to a laptop inside the same car.

Researchers have now progressed to truly wireless car hacking. Earlier this month, Andy Greenberg at Wired.com wrote an article documenting these hacking attempts. Two engineers are responsible for this discovery: Charlie Miller, a Security Engineer from Twitter, and Chris Valasek, Director of Vehicle Safety Research at IOActive.

 

Back in 2013, the same two security professionals demonstrated how they were able to hack into a Toyota Prius and Ford Escape. But the two engineers responsible for the attack were in the back seat of the same car in those demonstrations, plugged into the car's OBD2 diagnostics port.

 

Look Ma, No Wires!

Both Miller and Valasek have spent the last couple of years working on how to wirelessly hack into cars. To date, they have only specifically targeted the Jeep Cherokee in these latest demonstrations, but they state that thousands of vehicles are vulnerable to the attack.

 

All About the Connection - Uconnect

So, how are these engineers able to perform this hack? Car makers are making today's vehicles more advanced and are introducing new "Internet connected" features. Chrysler connects its cars through a service called 'Uconnect'.

Uconnect allows the car owner to stay connected to the internet while driving, and also allows the car owner to remotely perform the following functions on their car:

  • Start the car
  • Operate the windows
  • Honk the horn
  • Flash the headlights

All of this can be done from a smartphone or home computer, and all of these features come at a price if they are not secured properly.

 

Andy Greenberg wrote:

"Uconnect computers are linked to the Internet by Sprint’s cellular network, and only other Sprint devices can talk to them. So Miller has a cheap Kyocera Android phone connected to his battered MacBook. He’s using the burner phone as a wifi hot spot, scouring for targets using its thin 3G bandwidth."

 

At first, the engineers thought that the cars open to this kind of attack would be limited to those within a wifi area. But they quickly discovered that they were able to see other vehicles on the same cellular tower, and eventually they were able to see more and more cars that were connected to the internet.

 

Miller and Valasek plan on releasing part of the code that was used to hack the Jeep at a Black Hat conference next month. Both have been working with Chrysler over the last nine months to allow the company to release a patch before any of their code is released. The good news is that there is now a patch available to help resolve this vulnerability, but it has to be applied manually with a USB thumb drive.

 

To read the full article, click here: http://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/

 

In recent weeks Chrysler addressed this security concern, and has issued new firmware to resolve this vulnerability. Read about it here:

http://www.wired.com/2015/07/patch-chrysler-vehicle-now-wireless-hacking-technique/

 

I welcome all feedback and comments below.

 

Thanks for reading!

Joe Delio


