Last year, when computer security researchers Charlie Miller and Chris Valasek showed they could hijack the steering and brakes of a Ford Escape and a Toyota Prius with laptops connected to the cars, they raised two questions: Could hackers perform the same tricks wirelessly, or even over the Internet? And Is your specific car susceptible, too?
The possibility of car hacking is becoming more real; In some cases the researchers analyzed car models over time to see how they were becoming more digitized and thus potentially more insecure. As vehicles’ electronic systems evolve, the automobiles are starting to require the same protection as laptop computers and e-commerce servers.
Miller, a security researcher at Twitter, and Valasek, a director at computer security firm IOActive, are not splitting the dashboard or hacking using their laptops as before. But have released their new report, which they claim is the first security analysis of in-car networks, it looks at the potential for 20 mostly late-model cars to be harmed by remote wireless attacks. As per the report, Chrysler and Nissan are rated as among the three “most hackable” cars in the market along with General Motors. Chrysler and Nissan are reviewing the report, General Motors didn’t comment on the label.
Computer security researchers Charlie Miller and ChrisValasek concluded in the report that the most hackable models out of 20 reviewed were Chrysler Group’s 2014 Jeep Cherokee, Nissan Motor Co Ltd’s 2014 Infiniti Q50 and General Motors Co 2015Cadillac Escalade. The researchers are scheduled to discuss their findings at the Black Hat hacking conference in Las Vegas, where thousands are gathering to learn about emerging security threats. Safety of vehicles, medical devices and other equipment with embedded computers is a hot topic this year.
However, Miller and Valasek cautioned that since they had not actually attempted to hack the cars, the ones designated “mosthackable” might actually be quite secure. They released their assessments of “hackability” to create what they say they believe is the first general benchmarks that consumers could use to compare the cyber security of vehicles.
The claims has raised concerns among the automakers, Chrysler and Nissan are reviewing the facts and adamant to make a way out. Although, seeing the proliferation of technology and its uses there’s nothing to stop anyone with malicious intent and some computer-programming skills from taking command of your vehicle. There have been several attempts where a hacker was able to control everything from which song plays on the radio to whether the brakes work.
According to Chrysler’s Group spokesman Vince Muniga, at Chrysler, where optional infotainment systems are integrated with hard drives and mobile internet hot spots, a data breach of an individual automobile is “highly unlikely.” That doesn’t mean the company is ignoring the problem. “It’s an ongoing engineering issue,” he says. “You want to stay one step ahead of what these guys might do.” Rich Strader, Ford’s director of information technology security and strategy, says the automaker has been steadily strengthening in-vehicle systems, but the threat is always evolving. He says the difficulty with security is that “you can’t honestly say something is impossible.”
So the battle between the hackers and the carmakers is on. Therefore, the general underlying structure is mostly secret and secured by automakers, even from their suppliers, for obvious security and safety reasons. But rapidly proceeding technologies such as drive-by-wire steering and autonomous driving could soon mean getting antivirus updates with every servicing.
Here is a video demonstrating “The in car computer technique modern thieves use to steal”
