It sounds like a nightmare: You’re driving along, maybe whistling along to the radio, when suddenly the music changes and starts blasting, the car begins honking and won’t stop and the transmission cuts out. Nightmarish though that may sound, it could be a reality for hackers able to get control of a vehicle from miles away.
Wired.com’s Andy Greenberg has a great story today of his time working with Charlie Miller and Chris Valasek, hackers who turned him into a “digital crash-test dummy” as they tested their car-hacking research. They developed a technique that can target Jeep Cherokees wirelessly and give the attacker control of any of thousands of vehicles via the Internet.
For the tests, Greenberg knew the car he was driving would be hacked, he just didn’t know when or how. The hackers — working from a laptop 10 miles away — promised not to do anything that could endanger him, however. He writes that he was going 70 mph on a highway when the team took control.
At first, they blasted him with cold air and hitched the radio’s volume up as high as it could go, and he couldn’t turn it off. The windshield wipers turned on and sent wiper fluid streaking across the glass. And then, things did get a bit scary: the transmission cut out.
Immediately my accelerator stopped working. As I frantically pressed the pedal and watched the RPMs climb, the Jeep lost half its speed, then slowed to a crawl. This occurred just as I reached a long overpass, with no shoulder to offer an escape. The experiment had ceased to be fun.
After the Jeep gets stuck on an upward slope, with a semi-truck approaching it from behind, he finally called the hackers and begged them to make it stop so he could get out of that tough spot.
Miller and Valasek are planning to publish some of their work on the Internet pegged to a talk they’re giving at the upcoming Black Hat security conference. Wired.com says their work on wireless hacking has inspired new legislation from senators Ed Markey and Richard Blumenthal, who are planning to introduce an automotive security bill on Tuesday to set new digital security standards for cars and trucks.
This kind of work is proving useful in the automotive industry, with car manufacturers and industry groups working together to create cyber defenses for commercially available vehicles. Though no instances of car hacking are known publicly, security experts and car makers have been busy conducting tests like the above to show how easily it could become a reality.
“You’re stepping into a rolling computer now,” Valasek told AP last fall.
Check out the rest of Greenberg’s tale at Wired.com.
by Mary Beth Quirk via Consumerist