Warnings of hackers taking control of new, internet
connected vehicles are not new. In 2011, a team of University of Washington and
University of California at San Diego researchers demonstrated the ability to
hack into a sedan. Cyber security specialists have long given warnings of the
mayhem that hackers could cause through Wi-Fi signals connected to new cars and
trucks. It’s with last week's revelations though that makes the threat seem
more real.
Andy Greenberg, a reporter for WIRED magazine drove a Jeep
Cherokee down a freeway while two hackers, Charlie Miller and Chris Valasek,
hacked into the SUV from Miller's house 10 miles away. In this prearranged
demonstration, Miller and Valasek blasted cold air through the air conditioning
system. Then they blasted music from a local hip hop station through the stereo
system. Greenberg's efforts to turn down the music failed. Then a picture of
the two hackers showed up on the SUV's digital display. Finally, the hackers
put the SUV into neutral, slowing it down to a crawl.
Aside from a disgruntled employee in Austin, Texas who shut
down a number of vehicles with technology meant to remind those with car loans
that they need to pay, no vehicle has been hacked as yet by criminals in real
life. The only hackers so far have been those who on looking for
vulnerabilities have revealed their findings to the car manufacturers so that
fixes can be made. An added twist to the latest hack has been that the hackers
promise to talk about their research at the upcoming Black Hat conference in
Las Vegas on August 1 through 6. The fixes have been developed and Fiat
Chrysler has announced its recall before the world knows how to hack into its
vehicles.
Other vulnerabilities
have been reported that include the ability to detect the signal from your
keyless remote allowing car prowlers to open your car doors and take whatever
is inside. To date, this capability has not been documented by local law
enforcement in Snohomish County. But the potential for anyone other than the
driver opening their doors, starting their cars, controlling the heater or the
entertainment system no doubt gives a chill down anyone's spine that thinks
about the possibility.
The issue comes to how can this capability be prevented?
Often prevention is in our hands. We can lock doors, close windows, and not
keep anything visible to attract car prowlers. But sometimes we need help to prevent
crime. In this case, car manufacturers need to build in the capability to block
intruders from taking control of our cars.
Car manufacturers have done a good job in the past to
protect cars and some of their components from theft. During the 1970's and
early 1980's many cars were broken into for their stereo systems. That led to
the innovation of the removable faceplate by car stereo manufacturers that
discouraged theft. And eventually car manufacturers developed a system that
when the stereo loses electricity, a password needs to been entered to regain
its functionality. Also, car thefts have been deterred with modern key systems
that emit a code to the car when placed in the ignition proving that the key
belongs to the car.
If car manufacturers are going to provide capabilities that
they think drivers will use or want, they need to ensure that those
capabilities will not increase the vulnerability of the cars for theft or high
jacking. And in the age of cybercrime, this will be a constant, day to day
battle.
Awareness is always important to preventing crime. Educating
yourself on the benefits as well as the vulnerabilities of new capabilities
inside your new car is becoming as important as knowing about the burglary down
the street. Some may say that they will only buy used cars. But those cars may
not have the safety features of modern vehicles and if you buy a car of a
certain age, 1990's Honda or Toyota, you may find that it is a prime candidate for
theft. So keeping up with the times is not only trendy, it is essential to
making decisions that help you protect yourself from crime.
One last thing, if you bought a new Chrysler product since
2013, take look that the recall list. If your car or truck is on that list,
contact your Chrysler dealer for the security upgrade. It should help with your
peace of mind, at least for a while.
WIRED:
Chrysler:
No comments:
Post a Comment