Friday, July 24, 2015

Security Experts Demonstrate Ability to Remotely Crash a Jeep Cherokee

As reported by TechXplore: A pair of cybersecurity experts has demonstrated to a writer for Wired magazine an ability to remotely hack into a Jeep Cherokee and take over some of its functions and, in at least one case, to cause the vehicle to run into a ditch. The demonstration was staged by security hackers Charlie Miller and Chris Valasek and Wired writer Andy Greenberg; the purpose was to showcase the increasing vulnerability of modern cars and trucks to hacking.

Hacking Demonstration

Over the past several years, car and truck makers have introduced cellular technology into vehicles to offer customers over-the-internet services, such as automatically monitoring systems and offering assistance if it appears it is needed. Such systems can alert service workers, who can in turn alert authorities if, for example, it appears a vehicle has crashed. But that has led to a new type of danger, Miller and Valasek insist: drivers and their vehicles are becoming more vulnerable to hacking of the type that can put them at risk of physical harm.
In the demonstration, Greenberg drove the vehicle on a public highway while Miller and Valasek hacked into its onboard systems from a remote location. They took over the A/C system and the radio, and at one point squirted fluid on the windshield. Then they caused the accelerator to stop working, which of course caused the vehicle to slow suddenly on a freeway. Continuing the experiment, Greenberg drove to an abandoned lot, where the hackers disabled his brakes, causing him to drive into a ditch.
The hack was possible due to a lot of work on the part of the security experts; they have been studying onboard vehicle systems for a couple of years and are set to give a talk at this year's Black Hat conference outlining what they have found. They have also been "working" with car makers, keeping them abreast of their findings; Chrysler, for example, has already put together a patch to protect vehicles such as the Jeep Cherokee that come with the company's Uconnect infotainment system. Owners of vehicles have to download the patch and apply it via a USB stick or have a dealer do it for them. But that is beside the point, the security duo claim: the real issue is that makers are adding vulnerabilities to vehicles without doing the work required to keep hackers from taking them over and either bricking them or causing harm.

In an additional report by BBC News, a European security group was able to show that several car infotainment systems are vulnerable to a hack attack that could potentially put lives at risk. NCC Group said the exploit could be used to seize control of a vehicle's brakes and other critical systems from the infotainment systems.
The Manchester-based company told the BBC it had found a way to carry out the attacks by sending data via digital audio broadcasting (DAB) radio signals. It coincides with news of a similar flaw discovered by Chris Valasek and Charlie Miller. However, NCC's work - which has been restricted to its labs - points to a wider problem.
NCC Group was able to transmit the DAB signal using a laptop and a box made from easy-to-source parts
The UK's Society of Motor Manufacturers and Traders has responded by saying that car companies "invest billions of pounds to keep vehicles secure as possible".
Breached brakes
NCC demonstrated part of its technique to BBC Radio 4's PM program at its offices in Cheltenham.
By using relatively cheap off-the-shelf components connected to a laptop, the company's research director, Andy Davis, created a DAB station. Because infotainment systems processed DAB data to display text and pictures on car dashboard screens, he said, an attacker could send code that would let them take over the system.
Once an infotainment system had been compromised, he said, an attacker could potentially use it as a way to control more critical systems, including steering and braking. Depending on the power of the transmitter, he said, a DAB broadcast could allow attackers to affect many cars at once.
"As this is a broadcast medium, if you had a vulnerability within a certain infotainment system in a certain manufacturer's vehicle, by sending one stream of data, you could attack many cars simultaneously," he said. "[An attacker] would probably choose a common radio station to broadcast over the top of to make sure they reached the maximum number of target vehicles."
Mr Davis declined, at this point, to publicly identify which specific infotainment systems he had hacked.
Lab simulation
In many ways, modern cars are computer networks on wheels. Mike Parris, of SBD, another company that specializes in vehicle security, said modern cars typically contained 50 interlinked computers running more than 50 million lines of code.
By contrast, he said, a modern airliner "has around 14 million lines of code".
The addition of automated car controls is creating new opportunities for hackers
Such technology allows the latest cars to carry out automatic maneuvers. For example, a driver can make their vehicle parallel park at the touch of a button.
Mr Davis said he had simulated his DAB-based attack only on equipment in his company's buildings because it would be illegal and unsafe to do so in the outside world.
But he added that he had previously compromised a real vehicle's automatic-braking system - designed to prevent it crashing into the car in front - by modifying an infotainment system, and he believed this could be replicated via a DAB broadcast.
"If someone were able to compromise the infotainment system, because of the architecture of its vehicle network, they would in some cases be able to disable the automatic braking functionality," he said.