Tuesday, July 21, 2015

Hackers can remote control half a million cars on the road

Reports that hackers can hack your automobile are nothing new, and have always been greatly exaggerated. But now, it seems that it's finally serious, and car makers and drivers should both begin to worry.

Until now, most car-hacking stories would involve something like "after the hackers reprogrammed your car computer" which would require them to have physical to your car, which would make it akin to being afraid that a hacker would break into your home to install malware on your computer. Only then would they be able to control any and all electronically-controllable devices in your vehicle which, these days, is practically everything: from the brake pedal to the gas pedal, and even the steering wheel if you have the automatic parking option.

But we all knew it would be just a matter of time till things got messier, like it does now. Two hackers, Charlie Miller and Chris Valasek, are now capable of hacking into cars remotely putting nearly half a millions cars in risk.

The attack vector is Jeep's Uconnect system that has your car connected to the world... including these hackers. Using this connection they can exploit a vulnerability that allows them to gain control over the car's infotainment unit, and from then on they can remotely rewrite the car firmware and have total control of its every device. They can disable your brakes, step on the gas for you, lock and unlock your doors, change the radio station and set the volume to the max... or do less intrusive things, like simply monitor your position be checking your car's GPS system.

From Fiat Chrysler, the response is the usual corporate stuff: hackers shouldn't expose things that put people at risk, trying to shift the attention from the fact that it's their responsibility to make sure their cars are safe, and that they can provide adequate updates should the need arise - like it does now.

Truth be told, they already have a software update that can fix this vulnerability. But it's kind of awkward that, unlike the remote hacking technique, this update needs to be manually installed at a dealership mechanic (or by the end user using a USB stick.)

No comments:

Post a Comment

Related Posts with Thumbnails

Amazon Store