The Stack Archive

How susceptible are modern cars to hacking?

Thu 19 Nov 2015

Hacking cars has been going on for some time now because the automotive industry has been adding an ever increasing number of computerized components into cars. Modern cars will typically contain between 50 and 100 computer systems, used for a variety of different purposes; but in general they link and control various systems within the car. These can range from minor things such as the radio to major components such as the ignition system – and there’s little to stop a dedicated hacker from taking control of some or even all of those systems.

One of the main points to consider about modern automotive security is the basic computational architecture. Most important systems in a car will be directly linked to a corresponding microcomputer. The main intent of these systems is to allow both people and automated systems to keep track of their status. A problem with the brake systems will be instantly noted by a microcomputer whose task is to monitor it. But this connection needs to work in both directions: a system to monitor brakes is controlling them, and can also turn off those brakes. This means that a hacker who gains access to a car’s microcomputers can also turn off the brakes, disable any locks, modify speed, or even shut down the ignition while someone is driving.

Attack vectors in smart cars

Researchers have narrowed the possible means of hacking down to three main methods. Indirect physical attacks require the hacker to have physical access to the vehicle. This might involve complex methods such as exploiting the OBD-II port that’s intended for diagnostic use by technicians. But even such seemingly safe ports as the input jack for iPods and other media players can serve as a possible route for hacker exploits.

Short-range wireless exploits don’t require physical access to the car, but they do require the attacker to be fairly close to it. Most cars have a variety of systems intended to pick up short range communications. This can include Wi-Fi, Bluetooth, and even RFID key systems. The range of these attacks is generally similar to what one would expect from the underlying system. Bluetooth, for example, will typically be limited to general range of sight.

Long-range wireless exploits target the communications systems in a car which are intended to have the longest reach. This might include satellite radio or the GPS system. Hackers might also try to hijack the crash reporting and diagnostic systems within a car as these are intended to provide help no matter where the car is located.

Protecting the CAN bus

The main reason most of these attacks are possible is the convergence of signals to a controller-area-network bus, or CAN bus. This system is analogous to a brain within a living organism. Gaining control of one part of this system can allow one to essentially control the central operations of the car. However, there are quite a few protocols in place which are intended to prevent these exploits from ever occurring.

One of the biggest defences is coming from more attentive data analysis. Instead of allowing any random app to be installed within a system, manufacturers are insisting that they come through app stores. Or if third party apps are allowed than they need to go through a preprocessor first which will carefully analyze it for security exploits. In a similar manner cars are being equipped with white lists for connections. This means that any connection has to come from a list of approved hardware partners., preventing unauthorized access to a system in order to carry out exploits. For physical connections, manufactures are now adding complex and unbreakable hardware encryption to the data ports.

Cell-phone vulnerabilities in smart cars

Much of this information has come about due to the findings of various research projects on automotive security. The two most influential have come from joint research between the University of Washington and the University of California San Diego, which focuses on trying to gain short and long range remote access to a car. The researchers discovered that it was quite possible to use infrastructure present in most new cars to gain access to vital systems. In particular they found the cellphone connections to be the most vulnerable and speculated on the ease in which attackers might be able to simply dial up a car in order to unlock it. But they also noted that this had not been seen in real life encounters, and that car manufacturers were continually working to improve these security issues.

However, new features mean new potential targets. Eight percent of consumers mention that connections to outside resources are a vital purchase point for them. As new features become available it may well be that they haven’t had sufficient time to mature and undergo proper testing.

The easiest vehicles to hack

Of course some cars are also more vulnerable than others. The automotive industry is rapidly pushing for a future where everyone is driving a connected car. In theory this will be a huge advantage for consumers. Cars using a wireless connection to different devices are able to offer a whole new level of usability. People can stream music from satellites, find their location at any time, receive calls, and even disable the car if someone has stolen it. But there are heavy risks involved as well. When security fails an attacker might gain control over some or even all connected systems in a car.

Charlie Miller and Chris Valasek recently looked into almost every modern car on the market to determine potential vulnerability. The 2014 Jeep Cherokee and 2015 Cadillac Escalade ranked as their most easily hacked vehicles. Miller and Valasek even managed to hack the Jeep Cherokee from Miller’s basement at a distance of ten miles. These cars ranked so low due to the fact that every possible point of entry into the system was insecure. It leads attackers to be able to easily choose the method of attack most convenient to them.

With all that in mind it’s important to remember that the chances of one’s car being hacked is still exceedingly low. So far all of these cases have come about in a lab or as the result of a dedicated research project. A considerable amount of time, effort and knowledge is currently required to gain access to a single car. Usually one needs to specifically tailor handwritten computer code to an individual car in order to get access to it. And full control of a hacked car still requires physical access in all of the above situations.

About the author

Matthew Young is a freelance automotive journalist and blogger from Boston. He is passionate about everything on 4 wheels and new, emerging tech in the industry. When Matthew is not busy writing about cars or awesome new technology, he usually spends time fiddling with his camera and learning a thing or two about photography. You can reach Matthew @mattbeardyoung.


cars feature security
Send us a correction about this article Send us a news tip