Car Hacking

Motorists in Winnipeg saw this profane message last year after a hacker altered the electronic roadside sign. Hackers are increasing their activity from computers to cars.

According to various sources, such as EE Times, a journal for electronics engineers, the typical car has between 50 and 100 micro-processors. Like the rest of the devices in our modern lives, these processors are increasingly connected, via GPS, Bluetooth, cell phone and Wi-Fi to other gadgets near and far. So it should come as no surprise that accidental and malicious hacking into cars is already on the increase as a safety and security threat.

For Brian Contos, security strategist with McAfee, a security technology subsidiary of chip-maker Intel Corp., car hacking is an issue that must be solved by auto manufacturers in the factory, rather than relying on drivers to add their own aftermarket antivirus protection. Besides, car buyers are notorious for ignoring safety features. “Cars have essentially become smart phones that can go 100 miles an hour,” observes Contos. “But while a hacked phone may be a big personal inconvenience, just one hacked car creates a huge risk for everyone else on the road.”

The National Post’s Peter Shawn Taylor wrote an interesting piece profiling the who’s and how’s of car hacking:

Omar Ramos-Lopez was none too pleased when fired from his job at an Austin, Tex., car dealership in 2010. So he decided to get even. Getting revenge on former employers may not be a particularly novel reaction, but his choice of payback was cutting-edge.

Texas Auto Center, where Ramos-Lopez worked, installs GPS units in leased cars that can remotely prevent the car from starting, or sound the horn on demand. Such functions come in handy if anyone happens to fall behind on their lease payments.

The disgruntled Ramos-Lopez, however, used the devices to disable cars regardless of payment status. He also set off their horns at random times. He disrupted about a hundred cars over several weeks, wreaking havoc with the lives of many drivers.

Police eventually traced the mayhem back to Ramos-Lopez, who was using another employee’s password to gain access to the firm’s GPS system from his home computer. He was charged with felony breach of computer security, but was subsequently placed in a first-time, non-violent offenders program that allowed him to avoid a criminal record.

Ramos-Lopez may not be your typical thriller-novel criminal mastermind. He does, however, offer a glimpse into the future of cybercrime. Your computer can be hacked. Your phone can be hacked. And now your car can be hacked too.

In 2010, the U.S. Transportation Research Board (TRB) commissioned a report on the implications of the widespread use of on-board electronics. Perhaps the biggest issue is what it called “automotive vulnerabilities to cyberattack,” or car hacking.

“We found that basically anything under computer control in a car is vulnerable to malicious attack,” says computer scientist Stephen Checkoway. “This includes the brakes, engine, lights, radio, wipers and electronic display. If a computer controls it, it can be controlled by an attacker.”

Checkoway, a PhD candidate at University of California, San Diego, was an investigator on two major research projects cited by the TRB. First, his team was able to hijack almost every component of an unnamed, but popular, 2009 model family sedan. Doing so required brief physical access to the car – downloading a virus via a music CD, or plugging into the engine’s diagnostic port.

In their second and more ambitious test, the researchers investigated the extent to which they could seize control remotely through the panoply of wireless devices attached to the car, such as cellular, Bluetooth, radio and tire pressure monitoring system.

Once again, mission accomplished. “We found we could compromise the car using any of these [remote] vectors,” recounts Checkoway. The radio proved to be a particularly attractive target. Since it provides all the alarms associated with the engine, turn signals and the like, it is tied into every other computer system. “If you can take over the radio, you can use it to reprogram all the other computers,” he warns grimly.

In their laboratory, researchers could send nasty messages to their test car’s display board, start and stop the engine, disable the brakes and even make two cars 1,000 miles apart perform in unison. Could any basement-dwelling computer geek do the same thing?

“It took a significant amount of work and nearly three years to get to that point,” advises Checkoway. “There are probably easier ways to disrupt someone’s life.” That said, he has clearly opened a Pandora’s box of possibilities, many of which may indeed seem worth the effort to motivated persons or groups.

First, the Tom Clancy scenario. Checkoway’s results suggest numerous cars could be jointly infected, perhaps using audio files. This could be used to prompt mass brake failure at a particular time or location. Tire pressure monitors could also be used as a triggering mechanism. And while his test car lacked self-parking capabilities, the possibility of driving a remotely-steered car off a cliff via Bluetooth seems viable.

Or an enterprising hacker could use a combination of wireless devices to seek out specific vehicles, disable their anti-theft devices, unlock the doors, start the engines and then sell the locations to eager car thieves.

And it seems like child’s play to eavesdrop on in-car conversations using built-in microphones and an Internet connection, or to lift personal information off connected cell phones, a sure boon to corporate espionage.

Checkoway observes that car hacking is likely to follow in the evolutionary footprints of its bigger brother, computer hacking. “Prior to the Internet, your personal computer was quite vulnerable, but it didn’t really matter since no one else could gain access to it,” he says. Hacking only became an issue after computers became interconnected via the Internet.

It thus seems logical that car hacking too will grow from isolated individual attacks, as with the case of Ramos-Lopez, to mass exploitation via worms or viruses and then to third-parties who sell access to compromised cars in an underground market, as with our enterprising car thief of the future.

A student of the department for artificial intelligence at the Freie Universitaet Berlin steers a converted Dodge minivan remotely with an iPhone during a demonstration.