Having a hacker charge a carbon fiber toilet seat to your Visa card is inconvenient, but what if they decide that your car would function better without brakes?
That’s exactly what happened to Forbes journalist Andy Greenberg in a very unusual recent road test. Greenberg hopped into a car with some hackers, who deactivated the vehicle’s brakes by jacking into an onboard data port.
The idea of a hacker taking control of a car and endangering its occupants sounds like the ultimate dark side of the ongoing digitization that has made cars more efficient, safer, and more connected to our lives than ever before. So, is car hacking a real threat, or fodder for science fiction?
Car hacking hit the tech mainstream in an ugly way this past June when journalist Michael Hastings, famous for bringing down General Stanley McCrystal with a revealing Rolling Stone profile, was killed in a horrific car crash.
A hacker looking to take over someone’s car would have to put in a lot more effort than one looking to take over one’s credit card.
Shortly after, President George W. Bush’s top counterterrorism expert, Richard Clarke, went public implying that Hastings could have been assassinated, and that his own car could have been the weapon.
“There is reason to believe that intelligence agencies for major powers — including the United States — know how to remotely seize control of a car,” Clarke told the Huffington Post at the time.
“So if there was a cyber attack on the car — and I’m not saying there was… I think whoever did it would probably get away with it,” Clarke said.
Hastings’ 2013 Mercedes-Benz C250 coupe hit a tree with such speed that witnesses said the crash sounded like an explosion. There were no other cars involved.
So how would a government assassin take control of a car? At first, it seems as easy as Richard Clarke suggested. Modern cars are now essentially rolling computers that control everything from anti-lock brakes to the engine and transmission.
Many cars even have “drive-by-wire” throttles and brakes, with no physical connection between the pedals and the mechanisms they control. Nissan is even launching a steer-by-wire system on the 2014 Infiniti Q50.
With a car’s gas and braking systems already controlled by computers, all a hacker would have to do to commit vehicular homicide is insert some malicious code into those computers, right? Not quite.
For hackers to have taken over Hastings’ car they would have had to access it wirelessly, and that’s easier said than done.
A car’s computer control system, called a Controller Area Network (CAN) bus, isn’t like your desktop or laptop computer; it’s hard-wired and not designed to receive wireless commands. Charlie Miller and Chris Valasek, the hackers that actually cut a car’s brake function in the Forbes story, did so by physically plugging their laptops into the vehicle after taking most of the dash apart to get at the car’s wiring.
Fully electric vehicles may also be vulnerable. Putting them “in gear” is usually done with a stalk or button rather than a mechanical linkage.
Wireless car hacking has only been achieved in the lab – at least that we know of. Separate experiments conducted by the University of Washington and the University of California, San Diego were able to penetrate the CAN bus using connected devices such as smartphones.
However, their success was limited. The University of Washington’s report states that, while researchers were able to get wireless access to a moving car, they were only able to send commands at speeds below five mph. Above that speed, the CAN bus realized that the vehicle was operating outside normal parameters and ignored the errant code.
True, a hacker could attach hardware to the car to gain direct access, but if an attacker already has that much physical access to a car, why bother with software? Cutting the brake lines or planting a Casino-style bomb would be just as easy.
That’s what officials from Ford and Toyota said when Miller and Valasek showed them their research. If someone has access to a car, there are already numerous ways to cause harm.
Cars also don’t share a common programming language like a Mac or a PC. Miller and Valasek bought a 2010 Ford Escape and 2010 Toyota Prius and spent months analyzing their computer systems; they’d have to start all over again if they wanted to mess with a BMW or Nissan.
Audio, Infotainment, and Navigation
The computers that control a car’s throttle, steering, and brakes aren’t like the ones people have on their desktops, but there are other systems onboard that are.
While the CAN bus can so far only be accessed directly through a hard line, there are many ways to breach a car’s infotainment devices remotely. The University of Washington and University of California, San Diego researchers were able to insert malware on CDs and mp3s, which were then installed on an iPod that was then synced with a vehicle’s system.
A driver could inadvertently get their car hacked by downloading third party software to their phone, but that software would have to pass through two phalanxes of corporate scrutiny first.
A hacker could potentially distract a driver by blasting the stereo, or disable the navigation system…
The makers of smartphone operating systems vet third party apps and so do the car companies. That’s why the number of apps available for infotainment systems like Ford’s Sync or Chevrolet’s MyLink number in the tens, not the thousands.
Still, assuming a hacker could get some malware into a car’s infotainment system, could they do any damage?
A hacker could potentially distract a driver by blasting the stereo, or disable the navigation system, but these types of attacks are more annoying than life-threatening. The driver would still be in control of the car, after all. But if the driver was unaware that the GPS system had been tampered with or was being controlled, a car could be sent the wrong way down a one-way street or into a hazardous situation. Far-fetched? Maybe not, since that is what apparently happened to this yacht.
So some parts of a car are hard to access, while others are easy to access but can’t do anything dangerous. So you’re pretty safe, right?
That may change in the future, though. In the past, car control systems have been separated from secondary systems like audio and navigation, but that’s changing as the computerization and interconnectivity throughout a car’s systems grows to, ironically, give drivers more control over things like suspension settings, steering sensitivity and engine power output.
A vehicle’s different automated features can be linked in many ways. For example, in some cars, the doors lock automatically when the transmission is shifted into gear. This seemingly innocuous feature isn’t as well-protected as the vital CAN bus, so could it be used as a back door for an attack? Not necessarily.
A connection may exist, but that doesn’t mean it can be exploited by hackers. In the case of automatic door locks, the information usually only flows one way: the locks are activated by the engine or transmission, not vice versa.
However, this could become more of a problem as a car’s mechanical systems become intertwined with its digital ones. Car companies like Ford are looking to leverage vehicle data to improve the customer experience, but that means giving programmers more access to cars than ever before.
Ford’s OpenXC program gives third party developers access to a car’s onboard sensors, in order to collect data that can be used by driving-specific apps. If that practice becomes commonplace, carmakers will have to work harder to separate vital controls from connected devices.
Many cars can now be accessed remotely by smartphones or assistance services like OnStar and Drone Mobile, which can track a vehicle’s position, remotely open doors, start engines and run heating or cooling systems in advance of the driver getting into the vehicle. All of this is done by remote control, whether it’s from a computer terminal, smartphone or key fob. Each presents a possible intercept window for hackers.
Fully electric vehicles may also be vulnerable. Putting them “in gear” is usually done with a stalk or button rather than a mechanical linkage. Suddenly putting an EV into reverse remotely or gaining control of the car’s acceleration as it goes down the highway could obviously cause a crash.
Conclusion: Is car hacking a threat?
Given the numbers of computers in modern cars, and the fact that researchers have hacked them under very limited circumstances, car hacking seems like a very possible threat.
However, while cars are computerized, they don’t work like desktops or smartphones. A hacker looking to take over someone’s car would have to put in a lot more effort than one looking to take over one’s credit card.
Car control systems aren’t set up to accept randomly inserted commands, and even if a hacker managed to fool an onboard computer, that attack would only work for that specific car.
Hacking may become more of an issue in the future as cars become more automated and more connected, but for now, the road is hacker-free.