Security researchers hijack cars remotely

23 Jul 2015


Imagine driving down a highway at 70 mph and all of a sudden, the air conditioning goes into overdrive, the stereo system starts blaring in your ears and the wipers start up all by themselves sloshing the windscreen with water? Sounds something, right out of a horror film?

Not really, that weird scenario is from Wired magazine and describes what actually happened to the magazine's senior writer Andy Greebnerg recently while driving a Jeep.

Greenberg was driving at 70 mph on the edge of downtown St Louis when the exploit, launched by security researchers, Charlie Miller and Chris Valasek started to take hold.

He writes though he had not touched the dashboard, the vents in the Jeep Cherokee started blasting cold air at the maximum setting, chilling the sweat on his back through the in-seat climate control system.

The radio then started acting funny, switching to the local hip-hop station and started blaring Skee-lo at full blast. Greenberg trying lowering the volume with the volume knob and also hit the power button but to no avail. The windshield wipers then turned on, and wiper fluid blurred the glass.

As he tried to cope with all this, a picture of the two hackers performing these stunts flashed on the car's digital display  - Miller and Valasek, wearing their trademark track suits.

The Jeep's strange behaviour was not  unexpected, rather Greenberg had come to St Louis to be Miller and Valasek's digital crash-test dummy, a willing subject on whom they could test the car-hacking research they'd been doing over the past year.

Miller and Valasek plan to show how they had discovered a way to control hundreds of thousands of vehicles remotely, at the Black Hat and Defcon hacking conferences in Las Vegas in August.

From the internet, the researchers were able to track cars down by their location, check their speed, turn their blinkers and lights on and off, tinker with wipers, radios, navigation and, in a number of cases, control their brakes and steering.

In 2013, they described how they could control a Ford and a Toyota by plugging into a diagnostic port that could control steering and speed.

Over the last year, Miller and Valasek had been tinkering with a Jeep but what they did not realise at the time was that their discovery would extend far beyond the Jeep and affect hundreds of thousands of cars from Fiat Chrysler Automobiles.

According to commentators, their research is likely to be seen as among the first discoveries in vulnerabilities and attacks on the so-called Internet of Things, the products, machinery, and infrastructure expected to come online over the next five years.

According to a report from Verizon 14, car manufacturers accounted for 80 per cent of the global auto market, and each one had a connected-car strategy.

The result of their work was a hacking technique - what the security industry calls a zero-day exploit - that can target Jeep Cherokees and give the attacker wireless control, via the internet, to any of thousands of vehicles.

Their code allows hackers to send commands through the Jeep's entertainment system to its dashboard functions, steering, brakes, and transmission, all from a laptop that may be across the country.


Business History Videos

History of hovercraft Part 3...

Today I shall talk a bit more about the military plans for ...

By Kiron Kasbekar | Presenter: Kiron Kasbekar

History of hovercraft Part 2...

In this episode of our history of hovercraft, we shall exam...

By Kiron Kasbekar | Presenter: Kiron Kasbekar

History of Hovercraft Part 1...

If you’ve been a James Bond movie fan, you may recall seein...

By Kiron Kasbekar | Presenter: Kiron Kasbekar

History of Trams in India | ...

The video I am presenting to you is based on a script writt...

By Aniket Gupta | Presenter: Sheetal Gaikwad

view more