Smart Cars: A Drivers’ Best Friend or a Playground for Hackers?

Today it seems that nearly every venerable product is being updated, refreshed, and otherwise reworked to satisfy the public’s insatiable demand for networked technology. Where we once had phones, we now have smart phones where making calls is only the beginning of the capabilities of these hand-held computers. Computerized features have been added to a myriad of consumer products including refrigerators, door bells, barbeque grills (yes, really!), home thermostats, televisions and home entertainment systems. These “smart” electronics promise to offer consumers improved usability, efficiency, personalization and other benefits.

While many of the underlying systems in vehicles have already been computerized, the latest step in this trend of computerization of consumer products has now moved into the consumer-facing systems in cars, trucks and SUVs. These changes have likewise promised consumers improved personalization & customization, enhanced safety, and more efficient driving. However, technology is a tool and like all tools it can be leveraged for good and bad intentions. While these improvements are exciting for consumers, they are also enticing for hackers and their technological attacks that could result in massive accidents, snarled traffic on roadways and more.

Are Computerized Cars Safe?

Before we proceed any further, it is important to note that while the terms is often thrown around to scare people, not all hackers have a nefarious purpose. In fact, some hackers will disclose exploits to the manufacturer before releasing the code. The main concerns regarding hacking and smart cars is probably focused on an attack designed to disrupt or lock-up the nation’s transportation grid, a worm that proliferates and propagates beyond the author’s intent and control (See: ILOVEYOU worm, Melissa virus, Blaster worm, and others), or ransom-ware that locks down a vehicle unless the owner pays the extortion fee.

Security expert, Chris Valasek, who was able to seize control of a 2010 Toyota Prius and Ford escape over the OBD port typically used by mechanics characterizes today’s cars as “rolling computers.” Unfortunately he is not the only individual who has identified weak links in these vehicles security systems. A Department of Defense-funded security assessment performed on an undisclosed 2012 model also resulted in hackers seizing control of the vehicle by creating something akin to a digital master key for all of the vehicle’s systems.

Even the poster-child of the electric and smart car movement, the Tesla S, is not immune to this risk. Tesla owners & enthusiasts themselves have taken to hacking the car and its systems to see what types of things it is capable of. By interfacing with the on-board computer through a standard Ethernet port, these individuals were able to monitor the data being transmitted through the systems, display the Firefox web browser on the center console, discovered a number of open and insecure ports, and discovered that one of the sub-systems was running on the common Linux distribution, Ubuntu.

However, perhaps more concerning is that over the summer hackers at the security conference Syscan 360 discovered and announced exploits that could be used maliciously in the Tesla S. These individuals were apparently able to gain control over the vehicle’s headlights, locks, skylight and horn while the car was in motion. This means that it is theoretically possible for a malicious individual to cut your headlights as you enter a dangerous stretch of roadway. However, the hacks that were revealed fell short of the goals set by conference organizers. A $10,000 prize was available to anyone able to demonstrate a hack that takes control of the vehicle’s engine and could open the doors.

Put our auto accident experience to work for you

As computer systems on vehicles become more and more complex, the potential number of vectors for errors and malicious acts only increases. In a world where vehicles have been affected by unintended acceleration, defective ignition switches, and exploding airbags the safety of a car’s control systems is of paramount concern. The failure to secure these systems from attack increases the likelihood that serious accidents and other consequences may occur. If you suspect that a defect in the computer systems or other systems in your vehicle caused a serious accident, contact the Law Practice of Ken Kieklak today by calling (479) 251-7767 or contact us online.

Sources:

Automakers aim to drive away car computer hackers

Tesla Model S hack reportedly controls locks, horn, headlights while in motion

Tesla Model S Owners Hack their Cars Find Ubuntu