The scenario is very frightening. You are making your daily commute to work at 55 mph when suddenly your car begins to accelerate uncontrollably. You step on the brake and nothing happens. Your transmission is not operating as it should, the radio starts blaring, the windshield wipers start operating at full speed and the horn is blowing. You think it could be a manufacturer’s defect…but then you look around and see dozens of other cars out of control as well. The beginning of a bad sci-fi movie? No…you…and others around you have had your vehicles hacked. Sounds farfetched? Understandably, but according to newly published information, control of your vehicle is now at risk and driving may soon be unsafe…no matter at what speed.
Many people are aware that our new generation of automobiles have more computing power than the spacecraft that went to the moon. That computing power allows the vehicles to operate more efficiently, lets us enjoy the entertainment system, gives us access to the internet with connectivity, and increasingly provides vehicle autonomy.
The problem is that with increased reliance on computers and related technology, we have opened the possibility that our cars will be hacked, just like our digital systems at home and in the office. Two years ago, researchers found that they could connect to vehicles and take over control of certain aspects of the operating system. At that time such control required direct access to the vehicle, so any concerns were downplayed by auto manufacturers. Keep those with malicious intent (hackers) away from your car, keep it locked and all is well. However, those with a vested interest in the cyber community took notice of the research and began to worry.
It seems now that those worries and concerns were justified. According to reports in the media, researchers have now been able to reach out and touch vehicles anywhere in the nation and gain control via the Internet. Researchers Charlie Miller and Chris Valasek have demonstrated to reporters their ability to control vehicles in a dramatic fashion. They hacked the SUV the reporter was driving, turning off and on various systems, and eventually forcing the Jeep into a ditch (at low speed). All this done remotely, from miles away, via Internet connections to the computers in the vehicle.
Miller and Valasek plan to reveal many of the details of their hacking activities at an upcoming Black Hat meeting. Until then, auto manufacturers are scrambling to find ways to install security systems to the computers they placed in their cars and make them once again safe to drive.
Those in the cybersecurity community have been long aware that wherever there is a computer, and connection to the Internet, the possibility exists of ‘bad actors’ gaining control of the system. Warnings have been sounded, but largely ignored. Hopefully, this new evidence of the dangers to our systems will be heeded and appropriate action taken before our highways become playgrounds for hackers.
For more information on cybersecurity and transportation, check out our new book “Protecting Our Future: Educating a Cybersecurity Workforce” (Volume 2).