Yesterday, three U.S. organizations released a public service announcement regarding the dangers, necessary precautions, and what to do in the event of a remote exploit of your motor vehicle, aka car hacking. The Federal Bureau of Investigation, the Department of Transporation, and the National Highway Traffic Safety Administration released this announcement to help ensure that owners of “smart vehicles” are aware of the susceptibility for an attack such vehicles have.
Last year over a million vehicles were recalled by Fiat Chrysler after a flaw was found in the cyber security of their vehicles. Fortunately, this flaw was found by cyber security researchers who were repeatedly able to connect to a Jeep Cherokee. After hacking the car, many of the car’s functions were able to be controlled remotely. They could control the AC, the radio, the windshield wipers, and, most dangerously, the transmission. When the researchers demonstrated the security failure, they were able to bring the vehicle to a standstill by cutting the transmission in the middle of a busy highway.
An increasing number of cars use electronic control units (ECUs) to control numerous functions of the vehicle such as steering, braking, and acceleration. Vehicles are also gaining more and more wireless capabilities. Diagnostic, navigation, and entertainment systems all connect to the internet and are thereby subject to attack. Manufacturers attempt to limit the interaction between all of these systems, but there are still vulnerabilities. Even connecting your phone to your car systems opens a new avenue for hackers to attack your car. It is these vulnerabilities that make car hacking a very real danger.
The announcement recommended these actions for all drivers:
- Ensure your vehicle software is up to date
- Be careful when making any modifications to vehicle software
- Regularly check for vehicle recalls or software updates
- If you suspect your car has been hacked, contact the vehicle manufacturer or authorized dealer
- U.S. citizens should also contact the FBI and NHTSA if they suspect car hacking
Though the possibility of car hacking is a very real danger, as of yet there have been no reported cases of car hacking taking place outside of controlled tests.