Hackers disable brakes on Jeep from miles away

22 Jul 2015 | Author: | No comments yet »

Connected cars conundrum: Security experts hack into moving car and seize control.

American computer programmers staged a “frightening” demonstration of the vulnerability by remotely sabotaging a Chrysler Jeep Cherokee from miles away.

St Louis, Missouri – experts issued a warning to half a million car owners on Tuesday night after hackers were able to take remote control of a vehicle from around 15km away.Cybersecurity researchers have shown they can use the Internet to turn off a car’s engine as it drives, sharply escalating the stakes in the debate about the safety of increasingly connected cars and trucks.In an article posted on Wired.com Tuesday, security experts Charlie Miller and Chris Valasek, accessed a Jeep’s computer while a third man was driving down a St. The two hackers, security experts sitting on a sofa with a laptop and mobile phone, cut the engine and applied the brakes – sending the Jeep, being driven by a journalist, into a spin.

Former National Security Agency hacker Charlie Miller, now at Twitter, and IOActive researcher Chris Valasek used a feature in the Fiat Chrysler telematics system Uconnect to break into a car being driven on the highway by a reporter for technology news site Wired.com. At the Black Hat and Def Con hacking conferences in Las Vegas in August, they plan to show they have discovered a way to control hundreds of thousands of vehicles remotely.

In a controlled test, they turned on the Jeep Cherokee’s radio and activated other inessential features before rewriting code embedded in the entertainment system hardware to issue commands through the internal network to steering, brakes and the engine. They claim that more than 470 000 cars made by the Jeep’s manufacturer Fiat Chrysler – including many in the UK – could be at risk of a similar attack. Valasek and Miller have told Chrysler about the hack, and although a software patch has been developed to fix the problem, drivers will have to install the update manually. “Under no circumstances does FCA condone or believe it’s appropriate to disclose ‘how-to information’ that would potentially encourage, or help enable hackers to gain unauthorized and unlawful access to vehicle systems,” it said in a statement. The demonstration was posted the same day of the Senate Commerce Committee hearing on the Internet of Things, senators Richard Blumenthal (D-Conn.) and Edward J. Markey (D-Mass.), as they announced legislation that would direct the National Highway Traffic Safety Administration and the Federal Trade Commission to establish federal standards to secure our cars and protect drivers’ privacy.

Greenberg wrote: “The most disturbing manoeuvre came when they cut the Jeep’s brakes, leaving me frantically pumping the pedal as the two-ton SUV slid uncontrollably into a ditch.” The hack was possible because of Uconnect, the internet-connected computer feature that has been installed in Fiat Chrysler cars since 2013. An academic team had previously said it hacked a moving vehicle from afar but did not say how or name the manufacturer, putting less pressure on the industry. Last year, the researchers bought a Jeep that came with a car stereo head unit, which offers radio display, traffic, and a navigation system — in this case, connected to the Internet through a chip for a wireless and a cellular network connection. Miller and Valasek said they had been working with Fiat Chrysler since October, giving the company enough time to construct a patch to disable a feature that the men suspected had been turned on by accident. Verified email addresses: All users on Independent Media news sites are now required to have a verified email address before being allowed to comment on articles.

But the researchers said hackers would need to know the Internet Protocol address of a car in order to attack it specifically, and that address changes every time the car starts. They said that manufacturers, who are racing to add new Internet-connected features, should work much harder on creating safe capability for automatic over-the-air software updates, segregation of onboard entertainment and engineering networks, and intrusion-detection software for stopping improper commands.

Here you can write a commentary on the recording "Hackers disable brakes on Jeep from miles away".

* Required fields
Our partners
Follow us
Contact us
Our contacts


ICQ: 423360519

About this site