Hackers seize control of car using DAB radio signals
Thu 23 Jul 2015
Cars can be hacked remotely using radio signals sent to inbuilt infotainment systems, researchers have warned.
According to security experts NCC Group, the hacking technique can be used against several vehicles at one time and can be created easily using “off-the-shelf components.”
The Manchester-based company explained that the hacking method works by sending data across DAB, or digital audio broadcasting, radio signals. The signals could be used to remotely access critical systems such as a vehicle’s steering and braking functionality.
The team suggested that using a powerful transmitter, attackers could send out DAB code to target multiple cars. Research director Andy Davis explained that “as this is a broadcast medium, if you had a vulnerability within a certain infotainment system in a certain manufacturer’s vehicle, by sending one stream of data, you could attack many cars simultaneously.”
He added that hackers would most likely “choose a common radio station to broadcast over the top of to make sure they reached the maximum number of target vehicles.”
NCC has not revealed which DAB systems it has been able to hack.
The demonstration of this hack comes just a day after a U.S.-based cybersecurity team remotely accessed a Jeep Cherokee and drove it off the road using a laptop and smartphone. The attackers were positioned 10 miles away when the vehicle crashed.
“The most disturbing manoeuvre came when they cut the Jeeps brakes, leaving me frantically pumping the pedal as the 2-ton SUV slid uncontrollably into a ditch,” wrote Andy Greenberg, the Wired reporter exposed to the hack.
The researchers were able to send data to the Fiat Chrysler Uconnect entertainment unit and navigation system across a mobile network. The auto company has since released a patch to resolve the issue.
Commenting on the growing threat to connected vehicles, the Society of Motor Manufacturers and Traders has advised that auto manufacturers must “invest billions of pounds to keep vehicles secure as possible.”
