can modern cars be hacked?
Not too long ago, securing a car meant popping the faceplate off the CD player, slapping a Club over the steering wheel, and locking the doors.
As vehicles’ electronic systems evolve, however, automobiles are starting to require the same protection as laptop computers and e-commerce servers. Currently, there’s nothing to stop anyone with malicious intent and some computer-programming skills from taking command of your vehicle. After gaining access, a hacker could control everything from which song plays on the radio to whether the brakes work.
While there are no reported cases of cars being maliciously hacked in the real world, in 2010, researchers affiliated with the Center for Automotive Embedded Systems Security (CAESS—a partnership between the University of California San Diego and the University of Washington) demonstrated how to take over all of a car’s vital systems by plugging a device into the OBD-II port under the dashboard. It gets worse. In a paper that’s due to be published later this year, those same researchers remotely take control of an unnamed vehicle through its telematics system. They also demonstrate that it’s theoretically possible to hack a car with malware embedded in an MP3 and with code transmitted over a Wi-Fi connection. Such breaches are possible because the dozens of independently operating computers on modern vehicles are all connected through an in-car communications network known as a controller-area-network bus, or CAN bus. Even though vital systems such as the throttle, brakes, and steering are on a separate part of the network that’s not directly connected to less secure infotainment and diagnostic systems, the two networks are so entwined that an entire car can be hacked if any single component is breached. So the possibility now exists for platoons of cars to go rogue at the command of computer-savvy terrorists, crazed exes, and parking attendants with Ph.D.s in computer science. But the truth is that hacking a car takes a lot of time, effort, and money—three resources automakers are using to fight back.
What automakers do about car hacking?
Presently, automakers are beginning to take steps to secure networks the same way the information-technology sector now locks down corporate servers. “Just like the internet in its early days, car networks don’t employ very much security,” says Brad Hein, a programmer who accessed vehicle data from his 2006 Chevy Impala on an Android phone using code he’d written. “As more people start to access car networks,” Hein says, “I expect that the auto industry will start beefing up the security.”
How can I make sure I keep control?
Get to know your vehicle and understand what online services or digital access points it possesses. Anything with a built-in SIM card or an infotainment system that tethers to your smartphone is transmitting data, so just double check it’s secure. You also need to ask the tough questions when buying a new car: what digital security measures have been put in place? What is being done to combat future issues? It’s always best to be prepared – even though car hacking incidents are still extremely rare.