Here’s what makes it so easy for hackers to take over your car
Every computer is hackable — even our cars. But the big automobile manufacturers seem to be following the Detroit tradition of fighting change rather than addressing it and helping keep people safe.
This summer all drivers learned their cars are vulnerable to attack. Wired’s Andy Greenberg made headlines with his article about two hackers who were able to take control of his Jeep Cherokee as he was driving.
Greenberg was working with the hackers. But he was still stunned they were able to mess with his windshield wipers, blast terrible music over his radio, jack up his air conditioning and even kill the engine as the car cruised down the highway.
This won’t be the last time that happens. Cars are particularly vulnerable to attack because their basic computer system is far too simple.
Most automobiles run on a relatively primitive internal computer network called the controller area network or CAN. It is the computer equivalent of a single-cell organism, uncomplicated and pedestrian. Yet this simple computer controls all complicated operations of a car, including the advanced systems that run the ignition, steering and anti-lock brakes.

The auto industry standardized the CAN chips in 2007. Since then — with some small variations — every car’s little single-celled brain has been largely the same.
Though car manufacturers are now adding fancy electronic upgrades such as Bluetooth access or OnStar, they merely add other CAN computers to a car to operate them. The CAN operating a car’s WiFi, for example, is separate from the CAN operating the transmission, but the two do communicate. Typically, the CAN running crucial components — like the brakes or engine — is read-only, meaning the car’s other computer systems shouldn’t be able to change or interfere with it.
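To make the read-only idea concrete, here is a sketch of the check a gateway between the two networks could apply. It is an added example, not code from any manufacturer or from the researchers mentioned in this article; the message IDs, lengths and function names are constructed for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed policy: IDs and lengths are illustrative, not from any vehicle. */
typedef enum { BUS_CRITICAL, BUS_COMFORT } bus_t;
typedef enum { FORWARD, DROP_WRITE, DROP_ID, DROP_LEN, VERDICTS } verdict_t;
typedef struct { uint32_t id; uint8_t dlc; uint8_t data[8]; } can_frame_t;
typedef struct { uint32_t id; uint8_t dlc; } rule_t;

/* Status frames the comfort side is allowed to read (hypothetical IDs). */
static const rule_t readable[] = {
    { 0x1A0, 8 },  /* vehicle speed, for the dashboard display */
    { 0x2B4, 4 },  /* engine temperature */
};
static unsigned long counters[VERDICTS];  /* per-verdict totals for monitoring */

/* Decide whether a frame seen on bus `src` may cross to the other bus. */
verdict_t gateway_check(bus_t src, const can_frame_t *f)
{
    verdict_t v = DROP_ID;                 /* default deny: unknown ID */
    if (src != BUS_CRITICAL) {
        v = DROP_WRITE;                    /* comfort side may never write */
    } else {
        for (size_t i = 0; i < sizeof readable / sizeof readable[0]; i++) {
            if (readable[i].id == f->id) {
                v = (readable[i].dlc == f->dlc) ? FORWARD : DROP_LEN;
                break;
            }
        }
    }
    counters[v]++;
    return v;
}

/* Any blocked write attempt is worth an alert: normal traffic never causes one. */
bool gateway_write_attempted(void) { return counters[DROP_WRITE] > 0; }

int main(void)
{
    can_frame_t speed = { 0x1A0, 8, {0} }, from_comfort = { 0x0F1, 8, {0} };
    printf("critical->comfort speed: %d\n", gateway_check(BUS_CRITICAL, &speed));
    printf("comfort->critical frame: %d\n", gateway_check(BUS_COMFORT, &from_comfort));
    printf("alert: %d\n", gateway_write_attempted());
    return 0;
}
```

The rule is default-deny in both directions: only listed status messages cross toward the comfort side, and the counter of blocked writes gives a monitoring system something to alert on.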
It turns out, however, that most car companies have done a terrible job of protecting the tiny brains at the heart of virtually all cars. The most dangerous car hacks succeed by hijacking the CAN controlling a car’s brakes, engines and transmission.
Often the hackers need physical access to the electronic systems in order to break into the CAN, either through the hood or the dashboard. Increasingly, though, they are able to infiltrate it through the CAN controlling the comfort systems, such as Bluetooth or WiFi.
The bigger problem is the behavior of the auto industry when hackers reveal these exploits to the world.
Many hackers are tinkerers, curious computer enthusiasts who like playing with a system and puzzling out its defects. This type of hacker is labeled a white hat — a hacker for good. Most of the recent car hackers have been white hats. When white hats discover a flaw in a security system, they typically alert the owner of that security system.
Valasek and Miller weren’t the first to hack a car. Gearheads have long hacked their cars to bypass environmental restrictions built into engines. Back in February, 60 Minutes ran a story remarkably like Greenberg’s.
A team of computer science researchers at the University of Southern California, San Diego recently wrote a program that takes control of a car with a cell phone. The program exploits a weakness in a common OBD2 dongle — often used to diagnose car trouble — that plugs into any vehicle. The researchers uploaded a simple program to the dongle via a cell phone. After that, simple text messages could start and stop the car.
Every car manufactured after 1996 has an on-board diagnostic port. It’s typically underneath the dash and right below the steering column. OBD2 dongles plug into that port and harvest data from a car’s various computer systems. Both Uber and various insurance companies use the OBD2 dongle to monitor drivers.
In 2012, researchers at Radboud University in the Netherlands figured out how to hack the security system of Volkswagen, Honda, Audi, Fiat and Volvo cars. The theft prevention system had been designed to prohibit cars from starting if the right key, with the right RFID chip, wasn’t present. Radboud figured out how to bypass it.
The Radboud University researchers who uncovered the flaw in the luxury car security systems contacted the manufacturers to let them know. In response, Volkswagen sought an injunction against the Radboud research in a British court. Volkswagen won the suit and stopped the researchers from publishing their findings for two years.
General Motors doesn’t want anyone tinkering with its products either. The U.S. car giant recently declared that when you buy a car from it, you’re just leasing the software the car uses to run its systems. According to General Motors, tinkering with its cars the way Miller and Valasek did with Jeep is tantamount to theft of intellectual property and a violation of copyright law.
If the goal of the world’s auto industry is to keep its consumers safe from malicious hackers, suppressing research and suing anyone who goes under the hood is a losing strategy.
The auto industry has long been a competitive rivalry among billion-dollar companies protecting trade secrets as if they were government secrets. But if manufacturers want to keep their cars safe from malicious hackers, that must change.
The auto industry will have to become, god help me, more like the tech industry.
One of the oldest stories of Silicon Valley is of the basement-dwelling super hacker who gets caught, only to be hired by the entity attacked. Chris Putnam, for example, created a worm that ravaged Facebook. The social media behemoth hired Putnam after it discovered his code.
Michael Mooney ran a similar program through Twitter and Twitter hired him. Even the Department of Homeland Security hired famed super hacker Jeff Moss. The tech industry learned