Report Finds That Cyber-Terrorists And Hackers Could Break Into Your Vehicle’s Electronics, Even While You’re Driving
June 19, 2013
There is a whole lot more to today’s cars and trucks than simply twisting a key and pressing the gas pedal to get going. Today’s modern vehicle is as much a rolling laptop as it is a conveyance for getting from Point A to Point B.
Think about it: you punch in directions via an onboard navigation system, sync your smartphone, and rely on a myriad of driving controls that are operated by electronic connections. A recent report published by
AOL Autos, and titled
“The Scary Truth of How Terrorists Could Crash Your Car,” takes a look at the threats posed by the prevalence of software in automobiles.
But what exactly would someone gain from hacking into a vehicle? The article’s author, Pete Bigelow, says the reasons could range from simple car theft, to high level industrial espionage, and even a cyber-attack on multiple vehicles as they’re being driven.
“For a bad guy, there are a lot of motives,” explains Bigelow. “In hacking a single car, their motives could range from something simple like stealing it to something more complex, like eavesdropping on a conversation between executives of a high-ranking company through infotainment software.”
“In hacking into many cars at once, the motives could be more harmful, anything from stealing data, such as credit-card numbers stored in our iPhones, to a mass-scale cyber-attack that results in hundreds of accidents at the same time.”
Bigelow says the current threat is “more consumer-related,” and that car thieves are already using wireless software to unlock doors and gain access to vehicles. “In the not-too-distant future, the threat becomes more safety-related,” he warns.
“Already, in 2010 and 2011, researchers have found ways to hack into single cars and compromise safety-critical systems. They've been able to brake cars and turn the engines on and off. When wireless is more involved, the risks multiply.”
“Researchers at the University of Michigan have an ongoing study that's trying to keep 3,000 cars apart. What happens when a cyber-terrorist compromises the software behind this wireless technology and instead of wanting to keep the cars apart, wants to crash them together? That's a worst-case scenario.”
Bigelow says automobile manufacturers are well aware of the problem, though they’re rarely open to talking about preventative measures they employ. “Most [auto companies] won't talk about the specifics of their deterrent systems, because it's such a sensitive issue.”
The National Highway Traffic Safety Administration (NHTSA) recently established a task force to combat the threat that hackers could pose to automobiles. Yet the current complexity of vehicles, not to mention cutting-edge work being done in the field of self-driving cars, only makes the task of keeping cars immune to cyber-terrorism that much harder.
“Software is entwined with our cars,” says Bigelow. “We typically think of it as most involved with our infotainment systems, but software is really involved in engine performance, brakes, everything. And anything with software is potentially vulnerable. It's hard to say what can be done to prevent it.”
Yeah, I know this is from HuffPo...
Was Michael Hastings' Car Hacked? Richard Clarke Says It's Possible
June 26, 2013
The peculiar circumstances of journalist Michael Hastings' death in Los Angeles last week have unleashed
a wave of conspiracy theories.
Now there's another theory to contribute to the paranoia: According to a prominent security analyst, technology exists that could've allowed
someone to hack his car. Former U.S. National Coordinator for Security, Infrastructure Protection, and Counter-terrorism Richard Clarke told The Huffington Post that what is known about the single-vehicle crash is "consistent with a car cyber attack."
Clarke said, "There is reason to believe that intelligence agencies for major powers" -- including the United States -- know how to remotely seize control of a car.
"What has been revealed as a result of some research at universities is that
it's relatively easy to hack your way into the control system of a car, and to do such things as cause acceleration when the driver doesn't want acceleration, to throw on the brakes when the driver doesn't want the brakes on, to launch an air bag," Clarke told The Huffington Post. "You can do some really highly destructive things now, through hacking a car, and it's not that hard."
"So if there were a cyber attack on the car -- and I'm not saying there was," Clarke added, "I think whoever did it would probably get away with it."
Authorities have said that it may take weeks to determine a
cause of death for Hastings, but that no foul play is suspected.
Hastings was driving a 2013 Mercedes C250 coupe when he crashed into a tree on Highland Ave. in Los Angeles at approximately 4:30 am on June 18. Video posted online
showed the car in flames, and one neighbor
told a local news crew she heard a sound like an explosion. Another eyewitness said the car's engine had been thrown 50 to 60 yards from the car. There were no other vehicles involved in the accident.
The fire was so all-consuming that
it took the Los Angeles County coroner's office two days to identify Hastings' body, but Clarke said a cyber attack on the vehicle would have been nearly impossible to trace "even if the dozen or so computers on board hadn't melted."
Hastings practiced a brand of no-holds-barred journalism that tended to anger powerful people. His
2010 profile of Gen. Stanley McChrystal, published in Rolling Stone, was so damaging that
it ostensibly prompted President Barack Obama to fire the general (the president denied that the article had a role in his decision).
In the days before his death, Hastings was reportedly
working on a story about a lawsuit filed by Jill Kelley, who was involved in the scandal that brought down Gen. David Petraeus,
according to the LA Times. KTLA reported that Hastings told colleagues at the news site BuzzFeed that
he feared the FBI was investigating him. On June 20,
the FBI denied that any investigation was under way.
"I believe the FBI when they say they weren't investigating him," said Clarke. "That was very unusual, and I'm sure they checked very carefully before they said that."
Clarke worked for the State Department under President Ronald Reagan and headed up counterterrorism efforts under Presidents George H.W. Bush, Bill Clinton and George W. Bush. He also served as a special adviser on cyberterrorism to the younger Bush and
published a book on the topic, Cyber War, in 2010.
"I'm not a conspiracy guy. In fact, I've spent most of my life knocking down conspiracy theories," said Clarke, who
ran afoul of the second Bush administration when he criticized the decision to invade Iraq after 9/11. "But my rule has always been you don't knock down a conspiracy theory until you can prove it [wrong]. And in the case of Michael Hastings, what evidence is available publicly is consistent with a car cyber attack. And the problem with that is you can't prove it."
Clarke said the Los Angeles Police Department likely wouldn't have the expertise to trace such an attack. "I think you'd probably need the very best of the U.S. government intelligence or law enforcement officials to discover it."
Bookmarks