Hackers Show They Can Take Control of Moving Jeep Cherokee

22 Jul 2015 | Author: | No comments yet »

Hack of connected car raises alarm over driver safety.

Two computer-security researchers demonstrated they could take control of a moving Jeep Cherokee using the vehicle’s wireless communications system, raising new questions about the safety of Internet-connected cars. Security researchers used a laptop and a smartphone to hack into a two-tonne Jeep Cherokee over its mobile phone connection and implanted their software on the car’s internal computer network.In an article posted Tuesday, Miller and Valasek demonstrate that they can take over the computer in the car of Wired reporter Andy Greenberg, as Greenberg drove on Interstate 64 in St.

One driver had to do just that after hackers managed to remotely commandeer the controls of his Jeep Cherokee, activating windshield wipers and blasting the radio—even going as far as turning off the car’s engine in the middle of a highway, according to a report from Wired. “The most disturbing maneuver came when they cut the Jeep’s brakes, leaving me frantically pumping the pedal as the 2-ton SUV slid uncontrollably into a ditch,” the Wired report read. In a somewhat controlled experiment, hackers Charlie Miller and Chris Valasek used a reporter as “a digital crash-test dummy” to call attention to vulnerabilities in Internet-connected entertainment and navigation systems featured in many new vehicles, the report said. (Tweet This) “From an attacker’s perspective, it’s a super nice vulnerability,” Miller told Wired, adding that the flaw could theoretically leave any early 2013 to early 2015 Chrysler vehicle open to the same kind of attack.

The author explains: “Though I hadn’t touched the dashboard, the vents in the Jeep Cherokee started blasting cold air at the maximum setting, chilling the sweat on my back through the in-seat climate control system. “Next the radio switched to the local hip hop station … TWTR 2.29 % and is a former analyst for the National Security Agency, counter they are bringing attention to an issue auto makers have for too long ignored. A statement noted that the company “monitors and tests the information systems of all of its products to identify and eliminate vulnerabilities in the ordinary course of business.” The story comes to light on the same day Massachusetts Sen.

GM -0.36 % , for example, has been working with the National Highway Traffic Safety Administration on ways to protect the loads of data that a vehicle carries, and fortify a car’s control system from outside tampering. But the experiment highlights a concern that often isn’t addressed head-on in the growing excitement over the prospect of roads dominated by either autonomous or heavily driver-assisted vehicles. If the frequent attacks on myriad retail and financial institutions tell us anything, it’s that there isn’t a digitally connected network that is completely safe from hackers. And while it’s one thing to have to change credit cards due to a breach, it’s another to be trapped in a speeding hunk of metal when the crippling intrusion happens.

The cyberattack demonstration comes amid concerns over how susceptible U.S. automobiles are to hackers taking control of vehicles or accessing motorists’ private information. Tesla said members of its security team would attend the conference in Las Vegas to discuss its security, but it isn’t making a vehicle available to hackers. The idea is to offer consumers easy access to their favorite apps and services while driving, but the feature in turn opens the digital doors to hackers seeking access to the automobile’s controls.

That collaboration led to a July 16 memo to owners from Chrysler noting that a patch was available to help protect the vehicles from attack; it has to be downloaded via a USB stick or by a dealer. The researchers believe their hack would work on any late 2013, 2014 or early 2015 vehicle with Fiat Chrysler’s Uconnect system. “Under no circumstances does FCA condone or believe it’s appropriate to disclose ‘how-to information’ that would potentially encourage, or help enable hackers to gain unauthorized and unlawful access to vehicle systems,” the auto maker said in a statement. One immediate fix involves automakers thinking more like software makers: offer over-the-air updates to operating systems in response to vulnerabilities. The researchers, who have been probing vulnerabilities in connected automobiles for years, previously could only take over a car by hacking from a laptop connected by cable to a moving vehicle.

After quoting an Internet of Things security expert saying that he hopes automakers will become enlightened to the security threats facing connected cars “in the next three to five years,” writer Greenberg offers a literary shudder. “As I drove the Jeep back toward Miller’s house from downtown St. Miller defended releasing the information, arguing he is improving auto safety by drawing attention to the issue. “We both want the same thing, to keep drivers safe from a cyberattack,” said Mr. Miller, who used to work on hacking tools for the NSA. “All I can do is point out flaws in their vehicles, get other researchers working on this issue and make suggestions.” Messrs.

Edward Markey (D., Mass.) released a report claiming that nearly all cars and trucks on U.S. roads feature wireless technology prone to hacking or privacy intrusions. The report queried more than a dozen manufacturers in light of studies demonstrating how hackers can infiltrate vehicles to gain control of steering, braking and other functions. Markey and Richard Blumenthal (D., Conn.) on Tuesday introduced legislation that would require NHTSA officials and the Federal Trade Commission to develop standards for securing vehicles and protecting consumers’ privacy. The legislation would also create a “cyber dashboard” ratings system to inform consumers how well a vehicle protects against hackers. “Drivers shouldn’t have to choose between being connected and being protected,” Sen.

Here you can write a commentary on the recording "Hackers Show They Can Take Control of Moving Jeep Cherokee".

* Required fields
Twitter-news
Our partners
Follow us
Contact us
Our contacts

dima911@gmail.com

ICQ: 423360519

About this site