Share

Car WiFi not Safe from Hackers

According to a daily update from Tech Target on August 3rd, car hacking is a new breach that can control and potentially enable remote control of any vehicle by accessing the vehicle’s WiFi. This video on YouTube demonstrates how a Jeep was remotely killed on the highway. After reading this, we certainly hope the government is doing all it can do to keep our officials safe.

Car hacking is the manipulation of the code in a car’s electronic control units (ECU) to exploit a vulnerability and control a target mechanism, potentially enabling remote control of the vehicle.

A single vehicle may have fifty ECUs, each of which controls a specific function. Almost all systems in modern cars are tied into ECUs, which communicate through both wired and wireless connections. Almost all ECUs are vulnerable to hacking in one way or another. A radio might not seem dangerous when hacked; however, it can provide an attacker with the means to hack other components because it can communicate with other connected systems.

Car hack demonstrations have targeted a variety of makes and models of cars, gaining control of various systems including the entertainment center, speedometer, gas gauge, brakes, steering, air bags and accelerometer. Proof-of-concept (POC) exploits have successfully breached the systems of both driven and driverless cars.

In one demonstration, security researchers Charlie Miller and Chris Valasek wirelessly hacked a Jeep while it was driving on the highway. According to journalist Andy Greenberg, who was in the vehicle, Miller and Valasek were able to control the vehicle’s air vents and windscreen wipers, dashboard functions, transmission and brakes. They then disabled the brakes, sending the Jeep crashing into a ditch.

The researchers exploited vulnerabilities in Uconnect software, which Fiat Chrysler vehicles use to control the entertainment system and enable features such as remote locking and the ability to start the car with a smartphone app. According to Miller and Valasek, the biggest security vulnerability is the vehicles’ ability to connect with the Internet, because anyone who knows its IP address can access its computer systems.

Chrysler subsequently sent out a USB software update to more than 1.4 million vehicles.

Thanks to Tech Target for giving us this valuable information!