Monday, July 27, 2015

CYBERCRIME: Chrysler Recalls Vehicles Due to Hackers

Last week's revelations about the ability of hackers to take control of a Jeep Cherokee demonstrates the vulnerability that we face in the new cyber-crime world. If you do not follow the news and own a Fiat Chrysler product that is on their list of recalled vehicles, you should read this WIRED article about the successful hacking,, and then contact your local Chrysler dealership to arrange for the fix. If you do not own a Chrysler vehicle, you still need to be aware of the potential for hackers to control the next new car that you buy.

Warnings of hackers taking control of new, internet connected vehicles are not new. In 2011, a team of University of Washington and University of California at San Diego researchers demonstrated the ability to hack into a sedan. Cyber security specialists have long given warnings of the mayhem that hackers could cause through Wi-Fi signals connected to new cars and trucks. It’s with last week's revelations though that makes the threat seem more real.

Andy Greenberg, a reporter for WIRED magazine drove a Jeep Cherokee down a freeway while two hackers, Charlie Miller and Chris Valasek, hacked into the SUV from Miller's house 10 miles away. In this prearranged demonstration, Miller and Valasek blasted cold air through the air conditioning system. Then they blasted music from a local hip hop station through the stereo system. Greenberg's efforts to turn down the music failed. Then a picture of the two hackers showed up on the SUV's digital display. Finally, the hackers put the SUV into neutral, slowing it down to a crawl.

Aside from a disgruntled employee in Austin, Texas who shut down a number of vehicles with technology meant to remind those with car loans that they need to pay, no vehicle has been hacked as yet by criminals in real life. The only hackers so far have been those who on looking for vulnerabilities have revealed their findings to the car manufacturers so that fixes can be made. An added twist to the latest hack has been that the hackers promise to talk about their research at the upcoming Black Hat conference in Las Vegas on August 1 through 6. The fixes have been developed and Fiat Chrysler has announced its recall before the world knows how to hack into its vehicles.

 Other vulnerabilities have been reported that include the ability to detect the signal from your keyless remote allowing car prowlers to open your car doors and take whatever is inside. To date, this capability has not been documented by local law enforcement in Snohomish County. But the potential for anyone other than the driver opening their doors, starting their cars, controlling the heater or the entertainment system no doubt gives a chill down anyone's spine that thinks about the possibility.

The issue comes to how can this capability be prevented? Often prevention is in our hands. We can lock doors, close windows, and not keep anything visible to attract car prowlers. But sometimes we need help to prevent crime. In this case, car manufacturers need to build in the capability to block intruders from taking control of our cars.

Car manufacturers have done a good job in the past to protect cars and some of their components from theft. During the 1970's and early 1980's many cars were broken into for their stereo systems. That led to the innovation of the removable faceplate by car stereo manufacturers that discouraged theft. And eventually car manufacturers developed a system that when the stereo loses electricity, a password needs to been entered to regain its functionality. Also, car thefts have been deterred with modern key systems that emit a code to the car when placed in the ignition proving that the key belongs to the car.

If car manufacturers are going to provide capabilities that they think drivers will use or want, they need to ensure that those capabilities will not increase the vulnerability of the cars for theft or high jacking. And in the age of cybercrime, this will be a constant, day to day battle.

Awareness is always important to preventing crime. Educating yourself on the benefits as well as the vulnerabilities of new capabilities inside your new car is becoming as important as knowing about the burglary down the street. Some may say that they will only buy used cars. But those cars may not have the safety features of modern vehicles and if you buy a car of a certain age, 1990's Honda or Toyota, you may find that it is a prime candidate for theft. So keeping up with the times is not only trendy, it is essential to making decisions that help you protect yourself from crime.

One last thing, if you bought a new Chrysler product since 2013, take look that the recall list. If your car or truck is on that list, contact your Chrysler dealer for the security upgrade. It should help with your peace of mind, at least for a while.







No comments:

Post a Comment