automotive websites

Car hacking: Imminent threat or farfetched fear?

Car hacking: Imminent threat or farfetched fear?

According to a latest report from cyber-security experts at RSA, in today’s increasingly computerized world, cyber-crime issues “comprise a threat horizon that proceeds to accelerate and expand with no end in view”.

Since much the same can be said about the growth of computing power in today’s vehicles — which rely on technology for everything from 3D navigation graphics to semi-autonomous driving capabilities — the risks for having your car or truck hacked would seem to be on the rise as well. But should current drivers be worried about the issue right now, or is it time to pump the brakes on the car-hacking funk?

The article starts off like a high-tech nightmare, with Wired’s Andy Greenberg detailing how hackers gained control of his Jeep Cherokee as he was driving near St. Louis, eventually disabling the transmission and bringing the vehicle to a finish halt. As an outcome, Fiat-Chrysler Automobiles, Jeep’s parent company, ended up recalling some 1.Four million vehicles to address the concern.

It was not the very first time a journalist’s car had been successfully targeted by a cyber-attack. Before then, a sixty Minutes segment displayed the results of a remote vehicle hack through GM’s OnStar telematics system, with Leslie Stahl behind the wheel.

If all that makes the risk of car hacking sound pretty serious, well, the FBI and NHTSA agree with this assessment. Those high-profile incidents occurred in 2015, and by the spring of this year, the FBI and NHTSA had become so worried about cyber security that they issued a joint public-service announcement for consumers. A key takeaway was a direct confirmation that “researchers could build up significant control over vehicle functions remotely by exploiting wireless communication vulnerabilities”.

Meantime, in-vehicle wireless-communication technology, from Bluetooth connectivity to full-on mobile Wi-Fi access, is only becoming more common. Almost all cars, trucks and SUVs presently have the former, and most vehicles from Chevrolet and the rest of the GM brands now come with the latter as standard equipment. Ford’s next-gen SYNC three infotainment system also relies on Wi-Fi for software updates, and premium brands, such as Mercedes-Benz, have launched vehicle-to-vehicle (V2V) communication technologies. V2V systems hold much promise for enhanced automotive safety, since they permit cars to share data about accidents and traffic conditions, for example, so that drivers can take preventative act. But they’re also another one of those potential “vulnerabilities”.

Yet even in the face of this concerted thrust to raise awareness about the threat of car hacking, and just three months after the PSA from the FBI and NHTSA was released, car thieves were caught using laptops to steal Jeeps in Houston.

Especially if you have a newer car with some of those newer technologies, these warnings are almost enough to make you consider providing up driving entirely. But technology reporter David Pogue, among others, wants you to consider a few other facts.

Writing in the Scientific American, Pogue notes that it actually took numerous years and numerous researchers to accomplish the sixty Minutes hack. Also, albeit Pogue doesn’t mention it, those researchers weren’t just any hackers. They were from one of the U.S. Department of Defense’s most innovative technology organizations, the Defense Advanced Research Projects Agency (DARPA). This was the agency that essentially invented the Internet, so it would be more of a surprise if its scientists couldn’t figure out how to build up access to a car’s computers.

Similarly, it took the two people behind the Wired incident two years of work to go from hacking a vehicle using a physical device to demonstrating off their fully wireless remote-control capabilities—on what was their own Jeep. And when they exposed more ways to take over a vehicle’s internal computing network in August, Wired indicated that they needed “a laptop directly plugged into the Jeep’s CAN network via a port under its dashboard”.

The point being that if cyber criminals need physical access to a vehicle before they can hack it, the very first line of defense is much the same as against any car thieves, because it involves stopping a break-in.

Pogue’s analysis sparked a response from Wired’s editors, and without getting derailed by the journalistic kerfuffle inbetween the two, it’s clear they share a common ground: Yes, it’s possible for someone with enough time, resources and expertise to build up control of some vehicles by hacking into their computer systems. It’s just not at all probable that it will happen to your car anytime soon.

As an automotive writer for CARFAX, Charles Krome goes after the latest trends in car technology especially as it relates to consumer safety and car value.

Related movie: