In the digital age, there will always be risks. From corporate breaches that expose our sensitive information like credit card numbers to hackers and thieves to viruses that hijack our computers. Now we can add cars to that list of worries. Wired magazine enlisted the help of a couple of hackers to test the susceptibility of a new Jeep Cherokee that has wireless capabilities.
Andy Greenberg of Wired Magazine was driving the Jeep around the limits of downtown St. Louis, MO while hackers Charlie Miller and Chris Valasek attempted to take control of the vehicle themselves 10 miles away. The wireless takeover, which was perpetuated from Miller’s basement in St. Louis, began with blasting cold air through the AC, changing the radio stations, and turning on the wipers. No matter what Greenberg tried, he couldn’t turn off the radio, wipers, or vents. Next, the two hackers showed their faces on the Jeep’s onboard display.
Were this to happen in an everyday situation, such as a mother driving her children to school, it would be an absolute nightmare. Once the wipers come on, possibly blurring the vision of the driver, the driver would naturally go for the brakes to slow down and stop. Miller and Valasek demonstrated that even that won’t stop the vehicle as they successfully disabled the brakes to the Jeep being driven by Greenberg. Greenberg knew the hackers were going to take over his vehicle, but did not know how. Eventually, they cut the ransmission, causing it to lose momentum as it climbed a slope.
The two hackers have tested this sort of vehicular commandeering back in 2013 with Greenberg at the wheel as well. They managed to disable the brakes, honk the horn, choke him with the seatbelt, and take control of the steering from the backseat of a Ford Escape. Back then, they had to be directly connected to the vehicle’s diagnostic port, but now, in 2015, it can be done from the comfort of their own home. Now, they can cut the engine entirely at low speeds, disable or slam the brakes, and track the vehicle via GPS.
This vulnerability affects about 471,000 vehicles, but these two hackers have made them known to auto manufacturers. Chrysler has released a patch for their Uconnect enabled vehicles that must be administered by USB drive or at a dealership mechanic. This security flaw highlights the unfortunate side of a connected world where everything has a wireless internet connection “to make our lives easier.” It might be best to stick with an old, unconnected vehicle for the time being, but if that’s not an option, be sure to update your vehicle’s firmware to the latest versions as soon as it’s available.