Wired reported last month how researchers remotely took control of a Jeep Cherokee traveling along the freeway through its information system.
Advertisement
The security researchers explained that they were able to hack into a dongle connected to a Corvette by sending a carefully crafted text message to it. Once the device was accessed, they were able to send commands to the vehicle’s CAN, also known as the Controller Area Network.
Speaking to Wired, professor Savage said: “We acquired some of these things, reverse engineered them, and along the way found that they had a whole bunch of security deficiencies”. But some of these little boxes could also be an Achilles’ heel that leaves their host cars vulnerable to hacking, warns a group of digital security researchers at the University of California at San Diego.
As if recent research on vehicle hacking wasn’t frightening enough, a new study shows yet another danger to increasingly networked vehicles. Mobile Devices sell their OBD2 dongles to lots of other companies, in this case a startup called Metromile, which uses it to monitors one’s driving for pay-per-mile insurance. The company entered into a partnership with Uber earlier this year. Older cars don’t have computer networks, but many newer vehicles do as automakers push the concept of “connected cars”. Metromile also distributes the dongles to Uber drivers for bespoke insurance plans.
It appears that today’s interconnected smart gadgets and modern computing applications are making cars one of the more vulnerable everyday items open to life-changing hacks. But the researchers said that their Corvette brake tricks worked only at low speeds due to the restrictions in the vehicle’s computer functions. As such, the hack isn’t specific to General Motors, Chevrolet, or the Corvette, but rather could have been used on any vehicle with an OBD2 port.
“We show that these devices can be discovered, targeted, and compromised by a remote attacker and we demonstrate that such a compromise allows arbitrary remote control of the vehicle”, the researchers wrote in the abstract to their paper.
Their level of entry: An aftermarket telematics management unit, like those that main insurers comparable to Progressive, Allstate and State Farm present clients to assist them. They stopped the cars’ breaks by texting its dongle.
Advertisement
Researchers have hacked into cars from multiple automobile makers, including Fiat Chrysler and Tesla, and now there’s been a controlled hack of a Chevy Corvette, which cut out its brake functionality and demonstrated clear vulnerability.
