Hackers are winning the digital war

23 Jul 2015 | Author: | No comments yet »

Car hacking just got real.

Zooming down Route 40 in St Louis, Missouri, a man at the wheel of a Jeep began to notice things going badly wrong with his car. SAN FRANCISCO: Fiat Chrysler said Wednesday it is offering a software patch for some of its Internet-connected vehicles after a report showing hackers seizing control of a moving 2014 Jeep Cherokee.Answer: The security industry has been warning car manufacturers about the growing dangers of adding customer convenience technology without a strong focus on security.A Jeep Cherokee winds up in a ditch after hackers working with ‘Wired’ magazine successfully took control of the vehicle by hacking in through its connected-car infotainment system.

Fiat Chrysler claimed no first-hand knowledge of any of its vehicles being hacked and released a statement saying that software updates are sometimes required “for improved security protection to reduce the potential risk of unauthorized and unlawful access to vehicle systems.” A Wired story by journalist Andy Greenberg’s published on Monday told of hackers Charlie Miller and Chris Valasek remotely commandeering a Cherokee as part of an arranged demonstration of a vulnerability. Their previous “proof of concept” hacks in 2013 required physical access to the vehicle, which caused the auto industry to shrug off the threat as not likely to happen.

It was an experiment for Wired Magazine. “We just wanted to show that cars are getting more complicated, they’re getting more sophisticated and they have computers in them now,” says Miller. “Just like how a bad guy can hack into your phone or your computer, they can hack into your car too.” From his home in Ladue, Miller and his partner Chris Velasek broke through the Jeep Cherokee’s U-Connect system. This was swiftly followed by his music system springing into noisy life and his windscreen wipers suddenly whipping back and forth at their fastest speed. Greenberg described how hackers working from laptop computers at home tinkered with the Cherokee’s steering and brakes as well as the radio, windshield wipers and more. Then came the worst bit by far – without him doing a thing, the Jeep’s engine died, leaving the car crawling along at a snail’s pace on a busy freeway. Fiat Chrysler released free software updates for computerized UConnect systems in Chrysler, Dodge, Jeep and Ram models made in 2013 and 2014, and some versions of the 2015 Chrysler 200.

Cars have become smartphones on wheels — giant rolling cages of software code controlling brakes, steering and propulsion, not to mention radio, weather apps and air conditioning. A Wired article published this week, “Hackers Remotely Kill a Jeep on the Highway — With Me in It,” showed how vulnerable that cars equipped with the Uconnect technology are to being hacked remotely.

Unlike previous demonstrations that required the hackers to be in the back seat, they showed how a computer in the basement of a house 10 miles away could wreak havoc on a Jeep Cherokee driving on a St. Other vehicles they deemed particularly vulnerable included Toyota Motor’s 2014 Infiniti Q50 and Toyota Prius, General Motors’ 2015 Cadillac Escalade, the 2014 Ford Fusion, the 2014 BMW X3 and i12 and the 2014 Range Rover Evoque.

But once it was running, he found the vehicle’s Internet address and, while sitting in his office and typing on a MacBook Pro, hacked in through the dashboard information and entertainment system. Cars that are most susceptible to hacking attempts are among the newest vehicles on the road, typically including only cars that have Internet connectivity, mapping capability or infotainment systems. The study by Miller and Valasek and interviews with analysts suggest that the most troublesome vehicles are those with Internet systems embedded in Infotainment systems and connected to other networks on the car, such as those operating brakes and propulsion.

Unsurprisingly, Fiat Chrysler, this particular vehicle’s manufacturer, has now issued a “patch” that befuddled car owners must download or beg their local dealer to do for them. The test was done in conjunction with a researcher from the U.S. military’s Defense Advanced Research Projects Agency, or DARPA, which is trying to find ways to eliminate the threats. “Everything is hackable,” said Thilo Koslowski, who heads the automotive practice group for Gartner. “But remember that the automotive industry invented the term firewall. That was alarming for industry watchers who had previously questioned whether hackers could infiltrate a vehicle’s systems without wired connections inside the cabin. Personally, I think it’s too easy when something like this happens to moan and mourn the days when you, and you alone, had control of your car, or who saw your saucy honeymoon snaps.

It also offered reassurances to drivers. “The company monitors and tests the information systems of all of its products to identify and eliminate vulnerabilities in the ordinary course of business.” “They really just patched one vulnerability. It’s extremely important that everyone at risk protect their vehicles immediately because the researchers plan to unveil some of the technical details of how they did it at the upcoming Black Hat hacker conference in Las Vegas that begins Aug. 1. Their reason for sharing their research is for peer review and more importantly, to make sure that the entire automotive industry takes them seriously this time. Automation, to varying degrees, has offered salvation to billions – from those of us profoundly grateful for the domestic dishwasher all the way through to the patients of doctors performing “telesurgery” – remotely operating on patients miles away. Anyone with technology that wirelessly connects their car to the Internet should start routinely monitoring security updates from car manufacturer’s websites.

Cars typically don’t store much personal data. “It’s creeping closer to where you could say that could be a malicious hacker,” said Richard Wallace, director of transportation systems analysis for the Center for the Automotive Research. The deal of this modern age must be that if we consumers put our faith into the hands of companies using cutting edge technology, these businesses need to meet us half way with assurances of total security.

Ford said it’s integrating cybersecurity principles into its design “from the outset” of the product development process. “We are not aware of any instance in which a Ford vehicle was infiltrated or compromised in the field,” Ford said. For instance, while I love how Google continues to push the boundaries with driverless cars and its forays into artificial intelligence, I don’t much like it when it randomly collects people’s information without their prior consent.

Nor do I feel assured about putting my family photos into Apple’s iCloud soon after intimate images of Hollywood A-listers have been hacked (and no before you ask, they aren’t those kind of snaps) – even though I’m an iPhone and Mac fan. Richard Blumenthal (D-Conn.) on Tuesday introduced long-in-the-making legislation that would require federal regulators to establish cybersecurity standards and ratings for the automakers.

They will hack our cars, our emails and in years to come, no doubt, our thermostats, fridges, pacemakers, even airliners – anything and everything that will be connected to the so-called “internet of things”. When BMW discovered a flaw that could have theoretically allowed hackers to open vehicle doors using a smart phone, it set a security fix over the air to cars earlier this year. “It needs to be easier for them to mass update their vehicles, as opposed to going to a dealer or using a USB stick. Frost & Sullivan analyst Praveen Narayanan said it’s crucial for automakers to begin considering cybersecurity concerns at the beginning of their product design process. “Yes, there is a growing concern,” Narayanan said. “But let’s not get too much ahead of ourselves.

Here you can write a commentary on the recording "Hackers are winning the digital war".

* Required fields
Our partners
Follow us
Contact us
Our contacts


ICQ: 423360519

About this site