Viewport width =
August 16, 2015 | by  | in Science |
Share on FacebookShare on Google+Pin on PinterestTweet about this on Twitter

Carjacking now possible from the comfort of your couch

American car company Fiat Chrysler has recently issued a recall order for 1.4 million vehicles. The recall followed serious cyber-security concerns raised in a study by US experts Charlie Miller and Chris Valasek.

A series of trials run by the pair showed that these vehiclesautomatically connected to the internet via the Chrysler UConnect systemwere alarmingly vulnerable to external hacking attempts. Using a phone, Miller and Valasek were able to remotely identify a targeted vehicle, disable the brakes, slow and stop the engine, and play havoc with the car’s electronic interface.

The weaknesses identified are a recent development for the industry. Automakers have responded to consumer demand for connectivity by equipping cars with increasingly sophisticated electronics. Internet connection allows enhanced in-car entertainment and navigation features, and use as a wifi hotspot. These connectivity advances have been accompanied by other electronic features designed for improved safety, such as automatic brakes and locking.

Advances in security, however, have followed more slowly. As Miller and Valasek demonstrate, the connection used by a car’s entertainment system can be exploited by skilled hackers. Once inside the systems, there are few barriers between componentssoftware can be re-written remotely to control, stop, and track the car. It may even be possible to take over the car’s system and use it to identify and control other cars in the network, moving through vehicles in the same way that computer hackers use botnets. Navigational functions can also be exploited, using false signals to “spoof” GPS devices. University of Texas researchers recently used a GPS unit to change the course of an $80 million dollar super-yacht without being detected by the captain.    

While manufacturers are increasingly aware of these concerns, they also face market pressure to add innovative new features. Security expert Josh Corman says, “If it takes a year to introduce a new hackable feature, then it takes four to five years to protect it.” Car theft using electronic keys is on the rise in the UK; in London, 42 per cent of all car theft is electronic.

The digitisation trend seems inevitable. Japanese electronics company Hitachi predicts that by 2020, 90 per cent of all cars will be internet-connected, and Google is pouring significant resources into developing self-driving cars, where zero driver input is required. Proponents of the new systems say that the features allow greater mobility and independence for people who would otherwise have difficulty driving. Greater automation can also help prevent accidents, as the impact of human error (from drunk, tired, or reckless drivers) is minimised. There is also hope that car-to-car interaction can be used to prevent gridlocks and increase efficiency, as cars will be able to remotely coordinate to optimise traffic flow.

In order to take advantage of these opportunities safely, industry groups as well as legislators will need to be vigilant. In the US, a Bill is currently being introduced to set new vehicle cyber-security standards. Miller and Valasek say that the auto industry must follow the lead of computer companies. They urge business leaders to invite budding hackers to work with corporations to identify bugs.

Other industry experts remain optimistic. Maciej Kranz (of Cisco’s Connected Industries Group) said in a recent article that current fears are disproportionate. He states that when you connect cars to the net, “Good things happen. More good things happen when you connect all of the systems.”

Share on FacebookShare on Google+Pin on PinterestTweet about this on Twitter

About the Author ()

Comments are closed.

Recent posts

  1. In NZ.
  2. The Party Line ~ Issue 04
  3. Mental Health Wānanga Celebrates Work, Looks to the Future
  4. Sustainability on Salamanca: VUW working on environmental impact
  5. Basin Reserve Vigil: Wellington Stands with Mosque Attack Victims
  6. Mosque Terror Attacks: The Government Responds
  7. Issue 04 ~ Peace
  8. Law School Apparently Not Good at Following Rules
  9. Wellington Central Library closed indefinitely
  10. School Climate Strike Draws Thousands

Editor's Pick

In NZ.

: When my mother gave me my name, it was a name she couldn’t pronounce. The harsh accents of the Arabic language eluded the Pākehā tongue. Growing up, I always felt more comfortable introducing myself as she knew me—Mah-dee or Ma-ha-dee—just about anything that made me feel