Can Your Car Be Hacked?
Hack to the future.
Not too long ago, securing a car meant popping the faceplate off the CD
player, slapping a Club over the steering wheel, and locking the doors.
As vehicles’ electronic systems evolve, however, automobiles are
starting to require the same protection as laptop computers and
e-commerce servers.
Currently, there’s nothing to stop anyone with malicious intent and some
computer-programming skills from taking command of your vehicle. After
gaining access, a hacker could control everything from which song plays
on the radio to whether the brakes work.
While there are no reported cases of cars being maliciously hacked in the real world, in 2010, researchers affiliated with the Center for Automotive Embedded Systems Security
(CAESS—a partnership between the University of California San Diego and
the University of Washington) demonstrated how to take over all of a
car’s vital systems by plugging a device into the OBD-II port under the
dashboard.
It gets worse. In a paper that’s due to be published later this year,
those same researchers remotely take control of an unnamed vehicle
through its telematics system. They also demonstrate that it’s
theoretically possible to hack a car with malware embedded in an MP3 and
with code transmitted over a Wi-Fi connection.
Such breaches are possible because the dozens of independently
operating computers on modern vehicles are all connected through an
in-car communications network known as a controller-area-network bus, or
CAN bus.
Even though vital systems such as the throttle, brakes, and steering are
on a separate part of the network that’s not directly connected to less
secure infotainment and diagnostic systems, the two networks are so
entwined that an entire car can be hacked if any single component is
breached.
So the possibility now exists for platoons of cars to go rogue at the
command of computer-savvy terrorists, crazed exes, and parking
attendants with Ph.D.s in computer science. But the truth is that
hacking a car takes a lot of time, effort, and money—three resources
automakers are using to fight back.
At Chrysler, where optional infotainment systems are integrated with
hard drives and mobile internet hot spots, company spokesman Vince
Muniga says a data breach of an individual automobile is “highly
unlikely.” That doesn’t mean the company is ignoring the problem. “It’s
an ongoing engineering issue,” he says. “You want to stay one step ahead
of what these guys might do.” Rich Strader, Ford’s director of
information technology security and strategy, says the automaker has
been steadily strengthening in-vehicle systems, but the threat is always
evolving. He says the difficulty with security is that “you can’t
honestly say something is impossible.”
Presently, automakers are beginning to take steps to secure networks the
same way the information-technology sector now locks down corporate
servers. “Just like the internet in its early days, car networks don’t
employ very much security,” says Brad Hein, a programmer who accessed
vehicle data from his 2006 Chevy Impala on an Android phone using code
he’d written. “As more people start to access car networks,” Hein says,
“I expect that the auto industry will start beefing up the security.”
That’s certainly happening at OnStar,
the telematics system that’s already in more than 6 million vehicles.
Eric Gassenfeit, OnStar’s chief information security officer, says his
team has seen resources and staff grow “by an order of magnitude” over
the past two years.
So the battle between the hackers and the carmakers is on. Here are your
car’s most vulnerable entry points and what automakers are doing to
protect them:
TELEMATICS SYSTEM
THE HACK:
A car’s telematics system, which can notify police in the event of a
crash, remotely disable a stolen vehicle, and offer diagnostic
information to customers, can also interface with multiple vehicle
systems. Therefore, after gaining access to the telematics system, it’s
possible to control the systems connected to the CAN bus. A hacker
could, for example, disable a car’s ignition the same way an anti-theft
system would.
THE DEFENSE: To demonstrate this
kind of hack, researchers had to master and reverse-engineer an entire
telematics system. Still, forward-looking automakers are already beefing
up the security of external communications and in-car networks. OnStar,
for example, has a “white list” of approved computers that are allowed
to connect with cars.
MP3 MALWARE
THE HACK:
Naughty boy. You downloaded your Odd Future tunes from an unauthorized
file-sharing service. Little did you know that version of Goblin contains code that battles its way to your car’s CAN bus and disables your brakes.
THE DEFENSE: As infotainment
systems gain functionality, carmakers are shielding them from more vital
components without jeopardizing vehicle integration. “We harden all our
safety-critical systems,” says OnStar’s security chief Gassenfeit. GM’s
newer cars, such as the 2011 Chevy Volt, verify any data sent between
two systems the same way online retailers process credit cards.
UNAUTHORIZED APPS
THE HACK:
Just as smartphone manufacturers have app stores in which thousands of
programs developed by third-party companies are available for download,
carmakers are expanding their infotainment offerings through
downloadable software. If a rogue app contains malware or a virus,
however, it can infect your car without your knowledge.
THE DEFENSE: Carmakers are very strict in selecting which apps make it onto their systems. Ford’s MyFord Touch and Toyota’s Entune
allow only a handful of preapproved programs, while GM’s MyLink goes so
far as to route all software through remote servers so that users won’t
inadvertently install infected apps on their cars.
OBD-II
THE HACK:
The researchers at CAESS wrote a program that searched for and
exploited vulnerable communications points where vehicle systems
interface. They installed that program onto the car’s CAN bus through
the OBD-II port. Once on the network, the program could control every
system from the windshield wipers to the brakes. This is the most direct
way to hack a car, as it sends code directly to the CAN bus.
THE DEFENSE: Until recently,
most of the data sent among vehicle systems had not been encrypted,
leaving cars wide open for enterprising hackers. Now, carmakers are
starting to adopt routine security protocols from the
information-technology field, such as protecting files with digital
signatures. “What’s pretty much standard IT is now being applied to the
automotive sector,” says Gassenfeit.
DOOR LOCKS
THE HACK:
In most modern cars, the power-locking mechanism is connected to other
vehicle systems so that doors can lock automatically when a car is put
into drive and unlock if the airbags have been deployed or the keys are
locked inside. That interconnectivity, theoretically, means that the
locking mechanism can be breached to access other systems. If
accelerating can engage a car’s power locks, a skilled hacker could use
the power locks to force that car to accelerate.
THE DEFENSE: Infotainment and
onboard diagnostic systems are still linked by a physical connection to
the module that controls functions such as steering and braking, but on
some systems, such as Ford’s, that connection goes only one way. “The
only thing we allow is for the real-time module to send messages in one
direction,” says Ford’s Strader.
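An added illustration, not code from Ford or from the original article: the one-way rule Strader describes, sketched as a gateway check that forwards only allowlisted status frames from the real-time side and drops everything arriving from the infotainment side. The CAN IDs, frame lengths and all names are constructed for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Bus a frame arrived on, and the gateway's decision for it. */
typedef enum { BUS_REALTIME, BUS_INFOTAINMENT } bus_t;
typedef enum { GW_FORWARD, GW_DROP_DIRECTION, GW_DROP_ID, GW_DROP_LENGTH } verdict_t;

typedef struct { uint16_t id; uint8_t dlc; uint8_t data[8]; } can_frame_t;
typedef struct { uint16_t id; uint8_t dlc; } rule_t;

/* Constructed allowlist: status frames the real-time side may publish. */
static const rule_t ALLOW[] = {
    { 0x3E9, 2 },   /* hypothetical vehicle-speed frame */
    { 0x3F1, 1 },   /* hypothetical gear-position frame */
};

/* Decide whether a frame may cross the gateway. */
verdict_t gateway_check(bus_t from, const can_frame_t *f)
{
    /* One-way rule: nothing from the infotainment side is ever forwarded. */
    if (from != BUS_REALTIME)
        return GW_DROP_DIRECTION;
    for (size_t i = 0; i < sizeof ALLOW / sizeof ALLOW[0]; i++) {
        if (ALLOW[i].id == f->id)   /* known ID must also have the expected length */
            return f->dlc == ALLOW[i].dlc ? GW_FORWARD : GW_DROP_LENGTH;
    }
    return GW_DROP_ID;              /* default deny for unlisted IDs */
}

int main(void)
{
    /* Constructed sample traffic. */
    const can_frame_t speed = { 0x3E9, 2, { 0x00, 0x41 } };
    const can_frame_t other = { 0x2A0, 1, { 0x01 } };
    printf("speed, real-time    -> %d\n", gateway_check(BUS_REALTIME, &speed));
    printf("speed, infotainment -> %d\n", gateway_check(BUS_INFOTAINMENT, &speed));
    printf("unlisted, real-time -> %d\n", gateway_check(BUS_REALTIME, &other));
    return 0;
}
```

The same frame that is forwarded from the real-time side is dropped when it shows up on the infotainment side, so a compromised head unit cannot replay it inward.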
KEY FOB
THE HACK:
It sounds like one of those warnings that shows up in chain e-mails
every few months, except it’s true. A wireless key fob is supposed to
unlock and/or start the car only when the person holding the key fob is
directly next to the vehicle or already sitting inside. However, Swiss
researchers have found a way to intercept and extend the signal up to 30
feet with parts that cost less than $100. The setup doesn’t replicate
the signal—it just extends its range so the car thinks the key fob is
closer than it actually is.
THE DEFENSE: There’s not much a
car manufacturer can do here. These hackers haven’t broken the key
fob’s encryption in any way—they’ve just extended its range with a radio
repeater. So keep an eye out for anyone loitering in a parking lot and
holding a homemade antenna.