Skip to main content

Smart cars are hackable cars. Are the features worth the risk?

Jeep interior
Image used with permission by copyright holder
The automotive world is one of give and take. If you want hardcore performance, you sacrifice comfort; if you prioritize fuel economy and luxury, you probably won’t be king of the racetrack; and if you have a connected car, you may be vulnerable to hackers.

Cybersecurity concerns have swirled around the transportation sector for some time, but never with the same gravitas that coursed through the blogosphere last week. Chris Valasek — Director of Vehicle Security Research for the security consultancy IOActive — and Charlie Miller — a former NSA employee — were able to able to hijack a Jeep Cherokee’s Unconnect infotainment system via the car’s cellular network. Once they were in, the duo was able to send signals to the car’s computer system, manipulating the brakes, engine, and transmission with a couple laptops in a living room. All they needed was the vehicle’s IP address.

Recommended Videos

If you’re still driving your grandpa’s 1968 Oldsmobile, you probably weren’t too worried. If you own a more modern car though, one packed with wireless features and the ability to link with mobile devices, the news probably gave you some pause. And for good reason.

Charlie Miller (left) and Chris Valasek (right)
Charlie Miller (left) and Chris Valasek (right) Whitney Curtis/Wired

The modern car market demands increased functionality and inter-device communication from the factory, and there are unique security threats that come along with that. Any time a vehicle’s systems are connected to the Internet — directly or indirectly — there will be gaps in the digital armor. The fallout could be something as simple as an unresponsive radio or flashing headlights, but as we found out last week, cybercriminals can potentially access a car’s vital systems remotely, and we don’t need to explain how dangerous that is.

Any time a vehicle’s systems are connected to the Internet — directly or indirectly — there will be gaps in the digital armor.

We have yet to hear about a harmful unauthorized attack on a passenger vehicle, and clearly Valasek and Miller are not amateurs, but the vulnerabilities are clear. It’s not just Jeep vehicles either: nearly every major automaker offers an infotainment system that’s connected to the Web: Ford, Toyota, Honda, Volvo, Volkswagen, Subaru, Hyundai … you name it. Tesla’s newest vehicles can even download powertrain updates over the air, which directly affect the car’s acceleration. Is it only a matter of time before something horrible happens outside of a controlled experiment?

For answers, we turn to the carmakers themselves, and Fiat Chrysler’s initial response to the events was quite interesting. On July 22, the brand put out a press release, explaining that “some functions” had been remotely controlled, and that the automotive industry is a potential hacking target like any other. After the community began to flex its muscles, the company implemented a recall of 1.4 million vehicles, issuing USB sticks that contained a software patch to every owner alongside network-level security measures. Mailing out a truckload of thumb drives seems like an ironically insecure way to fix the problem, but a major automaker has admitted that modern cars are at risk from the attacks of cybercriminals. That’s big.

It’s impossible to say whether or not the company would have issued the recall if it weren’t for the original Wired story, but there is a clear cause and effect here — call the manufacturers out on their failings and they will address them. If we don’t? That’s a scary thought.

The U.S. government has responded as well. Senators Ed Markey (D-Mass.) and Richard Blumenthal (D-Conn.) have introduced a new bill called The Security and Privacy in Your Car Act (SPY Car Act). The legislation will direct the National Highway Traffic Safety Administration and the Federal Trade Commission to set industrywide benchmarks to protect driver safety and privacy, shining regulatory light on an issue that was largely contained within the automotive sector until now.

“Rushing to roll out the next big thing, automakers have left cars unlocked to hackers and data-trackers,” said Senator Blumenthal. “This common-sense legislation protects the public against cybercriminals who exploit exciting advances in technology like self-driving and wireless connected cars. Federal law must provide minimum standards and safeguards that keep hackers out of drivers’ private data lanes.”

It’s a start, but in the meantime, there will be hiccups. Personal safety and priceless information are all at stake here, but despite our best efforts, federal agencies, credit card machines, dating websites, and celebrity Twitter accounts are hacked every single day. It’s a constant rat race to keep up, and unfortunately for us, it’s not always the guy with the suit and tie that gets there first.

As car buyers, we crave connectivity. We lust for convenience. But are we ready to live with the consequences?

Andrew Hard
Former Digital Trends Contributor
Andrew first started writing in middle school and hasn't put the pen down since. Whether it's technology, music, sports, or…
Global EV sales expected to rise 30% in 2025, S&P Global says
ev sales up 30 percent 2025 byd sealion 7 1stbanner l

While trade wars, tariffs, and wavering subsidies are very much in the cards for the auto industry in 2025, global sales of electric vehicles (EVs) are still expected to rise substantially next year, according to S&P Global Mobility.

"2025 is shaping up to be ultra-challenging for the auto industry, as key regional demand factors limit demand potential and the new U.S. administration adds fresh uncertainty from day one," says Colin Couchman, executive director of global light vehicle forecasting for S&P Global Mobility.

Read more
Location data for 800,000 cars exposed online for months
VW logo.

A data leak led to around 800,000 Volkswagen (VW) electric vehicles (EVs) having their location exposed online for several months, according to a report by German news magazine Der Spiegel.

The global incident impacted owners of EVs from VW, Audi, Seat, and Skoda, with real-time location showing for the affected vehicles, whether they were at home, driving along the street, or, in the words of Der Spiegel, parked “in front of the brothel.”

Read more
Faraday Future could unveil lowest-priced EV yet at CES 2025
Faraday Future FF 91

Given existing tariffs and what’s in store from the Trump administration, you’d be forgiven for thinking the global race toward lower electric vehicle (EV) prices will not reach U.S. shores in 2025.

After all, Chinese manufacturers, who sell the least expensive EVs globally, have shelved plans to enter the U.S. market after 100% tariffs were imposed on China-made EVs in September.

Read more