Your Security Partner

Your Worst Driving Nightmare: Security Flaws in New Vehicles Now Top Priority

Driving down a highway in your new vehicle, there would be nothing more terrifying than to cross paths with a careless driver or unavoidable obstacle in the road. Distractions like these cause numerous car accidents a day and, while you may not be always able to avoid a collision, you at least have a chance to regain control of your vehicle and protect yourself and your passengers.

Now imagine driving down the same highway, and controls stop responding. You tap the brakes but nothing. The car speeds up and starts veering to the right. You correct by cranking to the left, but it's useless, the car has no reaction to your panicked steering wheel movement. As you frantically look for a way to save yourself from certain demise, a voice begins speaking through your car's sound system, “I have control of your car, there's nothing you can do.”

Sounds like a science fiction horror film, right? While it may seem like a fear mongering story, the technology to make this happen is very real, and current cars are unable to protect you from modern hacking techniques.

Last week, tech magazine Wired detailed a terrifying attack that took control of a Jeep Cherokee while it drove down a highway. This story comes hot on the heels of a bill being introduced to call on the US Federal Trade Commission and the National Highway Traffic Safety Administration to enforce vehicle security standards. Fiat Chrysler has pre-emptively issued a safety recall affecting 1.4 million vehicles in the US for “ongoing software distribution that insulates connected vehicles from remote manipulation.”

But there are likely millions of vehicles on the road right now with drivers that are completely unaware that their trusted family car can be hacked, controlled, and turned into a dangerous weapon.

Wired's Andy Greenberg's account of his heart-stopping ordeal is chilling in its implication. Andy was in minimal danger, as the author's experience was a controlled experiment by two “hackers” who's focus on exploiting holes in the software that controls all new vehicles has brought them to the forefront of a public outcry for increased software security. The two hackers, Charlie Miller and Chris Valasek, demonstrated to Andy that they could control little things like the radio station or the windshield wipers to important functions such as applying or disengaging the brakes or even killing the engine, altogether.

The most alarming fact to come from this is that the hackers are now able to access this vulnerability wirelessly. A driver would have no warning that a hacker, thousands of miles away has taken control.

This is the dark side of the rise of “smart” products. As we develop more sophisticated systems, we also introduce new vulnerabilities that are waiting to be pounced on by ill-intentioned miscreants. Security systems and iron-clad encryption are the only way to protect ourselves from perils of the future.

Fortunately, the US government is taking action. Last week, the US Senate introduced the Anti-Automotive Hacking Bill. This bill would force automotive companies to ensure their smart cars are highly encrypted, to “immediately detect, report, and stop” hacking attempts.

While the Senate identified that auto-makers have been lax in creating fully secure vehicles in the past, the National Highway Traffic Safety Administration will have full authority to enforce vehicle security in the future.

When we think of autonomous cars, our collective imagination should focus on the possibilities, and not the risks.

About this Blog

The TrustPoint Innovation Blog covers security industry topics relating to Certificates, Elliptic Curve Cryptography (ECC), Machine-to-Machine (M2M) Communication, Near Field Communication (NFC), Vehicle-to-Vehicle (V2V) Communication, and more.

Recent Posts