Car hacking again… now at high speed!

Not even a week has passed since I was writing about “Not yet worried about vehicle hacking? You should be!” and we see in the news that at Blackhat that exactly this is happening.

At BlackHat USA this week, the security researchers Charlie Miller and Chris Valasek are scheduled to present their latest findings in the world of car hacking. Again !

Miller and Valasek have already made names for themselves last year with the dramatic hacking of Jeep Cherokee, a interfering with its entertainment system, engine and brakes, while it was being driven down a busy highway at 70mph. Fiat Chrysler announced back then a safety recall of 1.4 million vehicles.

Now, the situation changed.

“By sending carefully crafted messages on the vehicle’s internal network known as a CAN bus, they’re now able to pull off even more dangerous, unprecedented tricks like causing unintended acceleration and slamming on the car’s brakes or turning the vehicle’s steering wheel at any speed.”(Wired)

Watch for yourself the movies on YouTube:

 

What does this mean?

Thankfully, their previous work helped Chrysler create a security update to fix the flaw that gave them their earlier, remote access to the Jeep’s guts. This new hack, however, is still possible on patched Jeeps like the one they tested. And the real reason for extending their Jeep attack is to demonstrate what the full consequences of a digital attack on cars or trucks would have looked like in the absence of that patch; Their full-speed attack on the Jeep’s steering and acceleration is what could happen the next time sophisticated hackers find a wireless foothold on a vehicle’s network.

If a car can be altered with a device (smartphone?) that can connect to the CAN-BUS, then anything can happen.

Like suddenly driving you at full speed into a wall or in the traffic coming from the other direction.

 

 

Great! Now what?

This is worrisome.. Why? Because there are many other cars out there that might have the same issue.

I will post here about future hacks.


© Copyright 2016 Sorin Mustaca, All rights Reserved. Written For: Sorin Mustaca on Cybersecurity

Check www.mustaca.com for the IT Consulting services I offer.
Visit www.itsecuritynews.info for latest security news in English
Besuchen Sie http://de.itsecuritynews.info für IT Sicherheits News auf Deutsch

About the Author

Sorin Mustaca

Sorin Mustaca, (ISC)2 CSSLP, CompTIA Security+ and Project+, is working since year 2000 in the IT Security industry and worked between 2003-2014 for Avira as Product Manager for the known products used by over 100 million users world-wide. Today he is an independent IT Security Consultant focusing on Cybersecurity, secure software development and security for IoT and Automotive. He is also running his personal blog Sorin Mustaca on Cybersecurity and is the author of the free eBook Improve your security .

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close