Skip to main content

Smart cars are hackable cars. Are the features worth the risk?

Jeep interior
Image used with permission by copyright holder
The automotive world is one of give and take. If you want hardcore performance, you sacrifice comfort; if you prioritize fuel economy and luxury, you probably won’t be king of the racetrack; and if you have a connected car, you may be vulnerable to hackers.

Cybersecurity concerns have swirled around the transportation sector for some time, but never with the same gravitas that coursed through the blogosphere last week. Chris Valasek — Director of Vehicle Security Research for the security consultancy IOActive — and Charlie Miller — a former NSA employee — were able to able to hijack a Jeep Cherokee’s Unconnect infotainment system via the car’s cellular network. Once they were in, the duo was able to send signals to the car’s computer system, manipulating the brakes, engine, and transmission with a couple laptops in a living room. All they needed was the vehicle’s IP address.

If you’re still driving your grandpa’s 1968 Oldsmobile, you probably weren’t too worried. If you own a more modern car though, one packed with wireless features and the ability to link with mobile devices, the news probably gave you some pause. And for good reason.

Charlie Miller (left) and Chris Valasek (right)
Charlie Miller (left) and Chris Valasek (right) Whitney Curtis/Wired

The modern car market demands increased functionality and inter-device communication from the factory, and there are unique security threats that come along with that. Any time a vehicle’s systems are connected to the Internet — directly or indirectly — there will be gaps in the digital armor. The fallout could be something as simple as an unresponsive radio or flashing headlights, but as we found out last week, cybercriminals can potentially access a car’s vital systems remotely, and we don’t need to explain how dangerous that is.

Any time a vehicle’s systems are connected to the Internet — directly or indirectly — there will be gaps in the digital armor.

We have yet to hear about a harmful unauthorized attack on a passenger vehicle, and clearly Valasek and Miller are not amateurs, but the vulnerabilities are clear. It’s not just Jeep vehicles either: nearly every major automaker offers an infotainment system that’s connected to the Web: Ford, Toyota, Honda, Volvo, Volkswagen, Subaru, Hyundai … you name it. Tesla’s newest vehicles can even download powertrain updates over the air, which directly affect the car’s acceleration. Is it only a matter of time before something horrible happens outside of a controlled experiment?

For answers, we turn to the carmakers themselves, and Fiat Chrysler’s initial response to the events was quite interesting. On July 22, the brand put out a press release, explaining that “some functions” had been remotely controlled, and that the automotive industry is a potential hacking target like any other. After the community began to flex its muscles, the company implemented a recall of 1.4 million vehicles, issuing USB sticks that contained a software patch to every owner alongside network-level security measures. Mailing out a truckload of thumb drives seems like an ironically insecure way to fix the problem, but a major automaker has admitted that modern cars are at risk from the attacks of cybercriminals. That’s big.

It’s impossible to say whether or not the company would have issued the recall if it weren’t for the original Wired story, but there is a clear cause and effect here — call the manufacturers out on their failings and they will address them. If we don’t? That’s a scary thought.

The U.S. government has responded as well. Senators Ed Markey (D-Mass.) and Richard Blumenthal (D-Conn.) have introduced a new bill called The Security and Privacy in Your Car Act (SPY Car Act). The legislation will direct the National Highway Traffic Safety Administration and the Federal Trade Commission to set industrywide benchmarks to protect driver safety and privacy, shining regulatory light on an issue that was largely contained within the automotive sector until now.

“Rushing to roll out the next big thing, automakers have left cars unlocked to hackers and data-trackers,” said Senator Blumenthal. “This common-sense legislation protects the public against cybercriminals who exploit exciting advances in technology like self-driving and wireless connected cars. Federal law must provide minimum standards and safeguards that keep hackers out of drivers’ private data lanes.”

It’s a start, but in the meantime, there will be hiccups. Personal safety and priceless information are all at stake here, but despite our best efforts, federal agencies, credit card machines, dating websites, and celebrity Twitter accounts are hacked every single day. It’s a constant rat race to keep up, and unfortunately for us, it’s not always the guy with the suit and tie that gets there first.

As car buyers, we crave connectivity. We lust for convenience. But are we ready to live with the consequences?

Andrew Hard
Former Digital Trends Contributor
Andrew first started writing in middle school and hasn't put the pen down since. Whether it's technology, music, sports, or…
Best electric car charger deals: $100 off home charging stations
The handle of the Grizzl-E EV charger plugged into a vehicle.

While they may not dominate the market just yet, electric vehicles have become pretty massive in the past few years, with many people seeing them as the perfect alternative to traditional combustion engines. Of course, because EVs aren't as widespread, that means that there aren't always a ton of charging stations around, and sometimes those have inoperative or full chargers, leading to quite a few issues down the road. Luckily, you can get some excellent car chargers at home, which is why we've collected our favorite car charger deals for you below to save you trouble.
Seguma 16Amp Level 1/2 EV Charger -- $120, was $160

If you need a more basic charger, this Level one and two charger from Seguma is a solid option and can deliver 16 amps and 3.84kW, which is pretty substantial. It also comes with a NEMA 6-20 plug and a standardized J1772 connector, which should work on most EV vehicles out there except for Tesla, which has its own connector. There are also some intelligent charging features, which include things such as protection against things like under and over voltage, leakage, and lighting, and it has an automatic cut-off when your EV is fully charged.

Read more
Revamped Lucid Air shows this luxury EV’s bandwidth
Front three quarter view of a beige 2024 Lucid Air Touring.

If you’re only going to sell one car, you’d better make it count.

The Lucid Air electric car finally took flight in 2020 after years in financial limbo. While Lucid plans to launch an SUV called the Gravity and a line of smaller, more mainstream models, the Air remains Lucid’s sole product nearly four years after its launch. The Air has evolved in that time, adding multiple configurations that allow this one car to fill several niches.

Read more
With 1,800 horsepower, Bugatti’s Tourbillon brings plug-ins past the Prius
The Bugatti Tourbillon is a plug-in hybrid.

Plug-in hybrid technology has reached the automotive industry’s upper echelon. Bugatti has unveiled the Tourbillon, the long-awaited successor to the Chiron, with a gasoline-electric drivetrain rated at 1,800 horsepower, 3D-printed parts in the suspension, and an unusual sound system that has no speakers.

Bugatti developed the Tourbillon on a blank slate. The big coupe’s proportions are relatively close to the Chiron’s because the two cars need to fulfill a similar mission: cruise safely and comfortably at jaw-dropping speeds. Bugatti hints that hitting 250-plus-mph is well within the Tourbillon’s scope of capabilities. For context, the Chiron set a speed record and became the first car to break the 300-mph barrier when it reached 304 mph in 2019, so the brand knows a thing or two about speed.

Read more