hacked Jeep Cherokee (Photo : ABC.net.au)
A pair of cybersecurity experts including a former NSA hacker has used the Internet to switch off a car's engine while it was in motion. The online hacking of the Chrysler Jeep Cherokee's radio, air conditioner, transmission, and brakes show the security risks of today's vehicles linked to the Web.
Charlie Miller works at Twitter and is a former National Security Agency (NSA) hacker, while Chris Valasek is an IOActive researcher. They hacked the car from 10 miles away, in Miller's basement.
The two men used a Uconnect (telematrics system) feature of Fiat Chrysler to access a vehicle driven by a technology news reporter on a highway. He works for Wired.com.
In a test they switched on various features of the Jeep Cherokee. That included its radio. Next, the researchers rewrote source code in the vehicle's entertainment system hardware, allowing them to send commands to the engine, steering, and brakes.
Andy Greenberg was the "digital crash-test dummy." He wrote that without touching the dashboard, cold air blasted from the vents, the radio tuner switched to a hip hop station, windshield wipers released wiper fluid, and the transmission and brakes turned off, according to PC Mag.
Miller told Reuters that hundreds of thousands of vehicles are vulnerable to hacking. Fiat Chrysler has announced that it has fixed the security vulnerability, and offered a free software update on its website.
The company mentioned that vehicle software needs updates to reduce the risk of its systems being hacked. It is like smartphones and tablets.
Miller and Valasek had warned that remote hacking would one day be possible. An academic team has already claimed that it hacked a vehicle in motion, but never revealed the automaker.
Hackers can only attack random vehicles. That is because the car's Internet Protocol address changes each time it starts up, according to Reuters.
Mark Rosekind is chief of the National Highway Traffic Safety Administration (NHTSA). He said on July 21, Tuesday that the agency is concerned about the hacking of vehicles' control systems.
The United States Congress is also anxious. Sens. Richard Blumenthal (D-CT) and Ed Markey (D-MA) introduced a bill on Tuesday that would require the NHTSA to create standards to detect hacking of critical software.
