Hit the brakes! Did Your Car Just Get Hacked?
Could your car be the next target of a cyber attack? You might not think so, but new research has shown otherwise.
The overall safety of your vehicle used to be rather straightforward to maintain with tune-ups, replaced brake pads, flushes and other scheduled upkeep.
Unfortunately, with the incorporation of computer systems into newer car models, things are not so simple anymore. Where the well being of your vehicle once only required a few new parts and the occasional oil change, contemporary vehicles no longer operate on just a combination of gasoline, and some moving metal parts. They now come with a highly complex network of computers that might be just as “hackable” as your computer or mobile device. In fact the typical car today has around six million lines of computer code.
These new systems, developed to increase efficiency and performance, could be opening the door to software attacks by hackers and anyone else with the knowhow to access and alter internal vehicle programming.
Last year, Charlie Miller, a security engineer at Twitter, and Chris Valasek, director of security intelligence at IOActive, were given an $80,000 grant from DARPA, the research division of the Pentagon, to locate any potential and some very real weaknesses in a consumer vehicles. And not only did they find a number of vulnerabilities, they developed an entire program that will hack into your vehicle’s computer and take control of any number of functions—some amusing, others potentially life-threatening.
Miller and Valasek recently divulged how they reverse-engineered enough software in a Ford Escape and a Toyota Prius to demonstrate a nasty assortment of hiccups in both vehicles. From the repetitive and uncontrolled honking of the car’s horn to slamming the brakes at high speeds, the men were able to demonstrate how—with their laptops connected to the car—they could manipulate set commands to turn headlights on and off, disrupt global positioning system (GPS) controls and even alter readings on speedometers, odometers and gas gauges.
The pair will release their findings next month at Defcon, a well-known conference for computer hackers in Las Vegas. And not only will they be sharing their research but the men plan on releasing the software they developed to deliver the vehicular attacks in order to help fellow researchers work on fixing the issues before they become real-life dangers.
Such discoveries are particularly frightening when you consider the increasing automation and Internet connectivity of any number of features integrated within modern cars—temperature control, seat movement, cruise control, cell phone pairing and more. Almost every car manufacturer offers some form of mobile service, external network and emergency assistance built directly into their vehicles.
But honestly, how do you protect your car’s computer from hackers? For the time being, the ownership lies in the hands of car manufacturers to provide such security. However, we could envision a future where third-party developers sell car-computer protection software.
As the complexity of cyber attacks increase, it is important to stay informed on new developments in security concerns. You never know when or where the next issue may arise. Especially considering how the Internet is increasingly being used to connect everyday devices in your home, car, and more.
Whatever does lie ahead—don’t caught off-guard by attacks on your personal data that could even affect your physical safety through items you use on a daily basis. Get the latest on emerging security threats by following us on Twitter @McAfeeConsumer and Facebook.