Your Car Can Be Hacked
First they hacked the Google car. Now, it appears, they – “they” being hackers – could, in principle at least, take over half-a-million Jeeps (and other Fiat-Chrysler vehicles) equipped with in-car WiFi.
They’ve already done so in fact with one.
According to a report just published on wired.com a guy lost control of his new Jeep Cherokee when someone – using a laptop and sail fawn – hooked in to the vehicle’s systems and began to root around in its electronic guts, kind of like that scene in the classic William Shatner episode of Twilight Zone.
There’s …something on the wing!
Only this time, there really was.
Under the hood, anyhow.
The hackers began by “adjusting” the AC. Next, they cycled the wipers. Then – according to the article – the hackers actually transmitted images of themselves over the Jeep’s LCD display, laughing at the no-longer-driver of the Jeep before disabling the vehicle’s brakes, leaving the no-longer-driver frantically pumping and getting nothing. He ended up in a ditch.
How – as they say in Russia – is possible?
Here’s how:
First, realize that your car is a computer as much as a car. Actually, it is a computer that controls a car. Everything mechanical is supervised – controlled – by the computer. This includes the engine, transmission and brakes. You may be under the impression that when you move the gear selector from Park to Drive, for instance, you are physically controlling the action. And also when you push on the gas pedal.
Which you may assume is physically connected to the engine.
Uh, nope. Not anymore. Not in most new (and recent model) cars. Which are controlled via drive-by-wire. Electronics. Sensors and actuators. Not cables and rods.
This is done for several reasons, including ease of assembly at the factory (plug-in components rather than cables and rods that have to be adjusted) as well as consistency (it’s hard to make a throttle cable feel exactly the same in 10,000 cars… while it’s a snap to do that with drive-by-wire). Consistency is also critical in these days of government micromanagement of the car industry. Even minor variations in, for instance, idle RPM can affect mileage and emissions. Not hugely, but that’s not relevant. Even fractional differences can be all the difference when it comes to what comes out of the car’s tailpipe – and its Corporate Average Fuel Economy (CAFE) numbers.
So, we have drive-by-wire.
Your car’s brakes, meanwhile, have ABS – and the ABS is a critical element of the stability control system as well as the becoming-common “adaptive” cruise control and automatic collision avoidance systems that a growing roster of new cars either come standard with or offer as optional equipment.
Even the steering in a number of new cars is controlled to some extent – cue Dr. Strangelove – by the komputer. (See, for instance, the automated parallel parking systems available in a number of them. The car steers itself into the spot.)
And computers can be controlled by someone else.
In exactly the same way a virus can be transmitted over the ether and into your desktop PC, or hackers can tap into your PC without ever physically breaching your home, you car can now be accessed – and controlled.
It’s not just theoretical. And it’s not just Fiat-Chrysler vehicles, either. Other cars – including GM and Audi cars, to name at least two – also offer in-car/take-it-with-you WiFi. Meaning you – and your passengers – can get online in the car. Instead of searching for a Starbucks, you can fire up the laptop at a nice overlook – or at a tailgate party. The WiFi works within a certain radius outside the car, too.
And more than just your Pandora song list can leach into the car this way – as the Jeep driver discovered.
Leave a Reply