Car Hacking
Wireless attacks.
You’re behind the wheel on the way to the office/grocery store/kids’ soccer game/wherever. Suddenly, the radio starts blaring—strange, because you just shut it off. Then the air conditioning turns on. After that, the turn signal. Your pulse picks up; you wonder what the heck is going on—and that’s when the engine cuts out.
It could happen. Back in July, hackers Charlie Miller and Chris Valasek staged a proof-of-concept takeover of a Jeep Cherokee driven by a journalist from Wired magazine. The exploit was alarmingly straightforward: a laptop running some custom software, a cellular connection, and the vehicle’s existing on-board entertainment system were all it took. After a few made-for-YouTube moments featuring an excess of both wiper fluid and hip-hop, the hackers demonstrated the seriousness of the vulnerability by commandeering the accelerator and driving the vehicle into the ditch.
While the journalist emerged from the attack unscathed, parent company Fiat Chrysler Automobiles hasn’t been so lucky. So far, the company has recalled 1.4 million cars and trucks to fix the security hole. But other automakers are likely to be feeling the pain soon: while the infotainment system exploited by Miller and Valasek was specific to Fiat Chrysler, similar systems are ubiquitous in today’s wired vehicles, making a cross-industry recall a very real possibility.
Exploding gas tanks, sticky accelerators, and faulty ignition switches—over the years, car manufacturers have demonstrated a woeful myopia when it comes to keeping their products safe. But the Jeep hack brings up issues that extend far beyond Detroit. This whole “Internet of things” thing—sure, it’s cool being able to tell your house to turn on the porch light from your phone, or use your laptop to get the fridge to make more ice. But every one of these connections is a gateway; unless we take care to lock it behind us, that gateway can lead the world into our private lives, where they can take control of the machines, appliances, and tools we take for granted.
One thing the Jeep hack makes clear: it won’t be the drivers (Ferrari) or the designers (Giugiaro) or the industrialists (Ford) or the visionaries (Musk) who inherit the auto industry. It’ll be the programmers—the guys scouring through code for a typo that might allow someone to hijack your ride. Not exactly what the lyricist had in mind when he asked you to get your motor runnin’. But it’ll have to do.