From Car Jackers to Hackers: The Future of Vehicle Hacking
Technology is rapidly evolving and throughout history has advanced right under our noses. Nearly every modern convenience we have has a fully functional computer system running it from Smart TVs to expensive, high-end toasters. The cars we drive today are no exception to this. Nearly everything running in many modern vehicles from the late 2000s onwards is managed and operated by a sophisticated network of on-board computers. Some are even networked to the internet via satellite or Bluetooth wireless technology. As vehicles become more dependent on sophisticated electronic systems they have also become increasingly connected through wireless networks. It has gotten to the point that Congress and federal regulators are worried about the potential for hackers to interfere with vehicle functions. A report overseen by Massachusetts Senator, Ed Markey, says vehicles are vulnerable to hacking through wireless networks, smartphones, guidance and information systems like OnStar even the right/wrong kind of CD popped in.
The report from Senator Markey titled “Tracking and Hacking: Security and Privacy Gaps Put American Drivers at Risk,” was released publicly and compiled data by sending out letters to major car manufacturers to try to determine the prevalence of technologies that are intended to improve driver safety and car performance while raising concerns about security. The report used feedback from the 16 major car manufacturers who responded, including BMW, Chrysler, Ford, GMC, Honda, Hyundai and Jaguar Land Rover. While no solutions to any of the issues discovered, this report can be seen as a first step to changes in the standards for technology not just in automobiles but also other devices connected to a network of sorts.
Similar to internet-enabled Smart TVs, there is currently no available form of cyber security for the computer systems in vehicles. This can be a particular problem for people with a keyless ignition system for starting your car. Keyless ignition systems work much like how remote or keyless entry systems work: you are issued with a fob programmed by the manufacturer with a unique code. For ignition, the fob is usually either placed in the dashboard or simply sends a signal within range with the car’s onboard computer detecting the code and allowing the driver to start the car if the signal between the fob and the car match. See, cars with a keyless ignition system, and even cars with a keyless entry system have what is called a “Controller Area Network” (CAN for short) meaning they are designed to send and receive specific signals within a specific radius and it was only a matter of time before someone came up with a device to exploit this.
There are CAN Hacking tools that some use to gain entry into vehicles, but they’ve been recently taken a step further and can now run malicious codes through a vehicle’s system and even potentially remotely control the lights, locks, steering, and brake system. It’s a distinct and conspicuous device however. CAN Hacking tools are about the size of a smartphone but look more or less suited to the motherboard of a computer. If someone is walking around carrying what looks like a set of chips and circuit boards with an antenna chances are it’s one of these devices. The fact that they have been made public only increases awareness which is a good thing for people.
If it seems like science fiction to you, you wouldn’t be wrong to feel that way. This kind of scenario has made its way into our imagination for a while long before cars started using computers. From Danny DeVito as the Penguin sabotaging the “Batmobile” in 1992s Batman Returns, a team of terrorists remotely hijacking the vehicles of the heroes in Fast & Furious 6 and even all the way back to the Roger Moore era of James Bond: technology has pretty much caught up to speculative fiction. Imagine driving when all of a sudden your brake system stops the car and the ignition is shut down. That leaves the driver and passengers vulnerable to all sorts of external threats and indeed various law enforcement agencies and military organizations have used some of these tricks to deter criminals, as evidenced by DARPA (Defense Advanced Research Projects Agency) being the primary agency looking into these matters. However, because the technology is still relatively young and there aren’t many safeguards, the tech required to do these things is pretty easy to obtain.
Remember the 90s when people used to put those ridiculous locks that hook onto steering wheels? It turns out that because car theft has become increasingly reliant on modern technological means, old-school methods of protecting your car such as these locks make things really inconvenient for thieves. Looking into non-technological means for vehicular security such as these lock/security contraptions are not a perfect solution, but they should keep you generally on guard while manufacturers and other agencies develop consumer-ready cyber security for your vehicle.