by Juniette Fiore
That old pass-me-down car just might save your life.
WIRED magazine challenged two hackers, Charlie Miller and Chris Valasek, to see if they could take control of a Jeep Cherokee.
WIRED writer Andy Greenberg, the willing test subject, was driving down the highway at 70 mph when all of a sudden his air conditioner was at maximum level, the radio started blasting hip-hop music and the windshield wipers went off.
The transmission and accelerator where cut off next, leaving the Jeep slowly inching across the highway with a trail of cars backed up behind it. Eventually, Greenberg’s car ended up in a ditch.
That’s not all Miller and Valasek could have done. These hackers have the ability to completely kill the engine, cut the brakes, track your GPS coordinates and even take control of the steering wheel. Their hacking technique is known as zero-day exploit, which allows for wireless control over thousands of vehicles.
What made the Jeep Cherokee vulnerable?
Just like credit card hacking and identity theft, no digitally connected network will ever be fully safe from hacking. In this case, Miller and Valasek found that all Chrysler models from 2013 to 2015 were vulnerable to this breach if they had the Uconnect infotainment system, an internet-connected feature which basically turns your car into a giant smartphone. This could signal a great danger in years to come as driverless cars gain more popularity and are introduced to the public.
When a hacker breaches your car’s security system, your life is in immediate danger. You could end up in an accident, your car’s destination could be altered or, ultimately, the hackers could kill you from the comfort of their couch.
What can we do?
The first thing Charlie Miller suggests we as a consumer do is start complaining to automakers. Let them know that we are aware of this issue and they can’t cover it up. Hold automakers accountable and make it clear that the possibility of being hacked is a major life-threatening issue.
For cars that are already on the road, automakers could have their software team offer over-the-air updates to patch up any software glitches and protect drivers from hacking. These updates have already been put in place by Ford and BMW.
As a response to Miller and Valasek’s hacking experiment, Chrysler created a patch for models that could be vulnerable to similar breaches. Unfortunately, this patch can only be downloaded via a USB stick or by a dealer. Since it is not an over-the-air update, many cars will probably remain without the patch. Chrysler went an extra step and issued a recall for certain vehicles.
Also in response to Miller and Valasek’s past work, Senators Richard Blumenthal and Edward Markey announced legislation that would set new federal standards for digital security to keep our cars and drivers safe.
In short, Miller and Valasek urge consumers and automakers to act now. Cyberhacking is a reality and you might be next.
Learn more about the hacking experiment here: http://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/