A most interesting article appeared in the Claims Journal last month that raises some issues that are somewhat alarming. We all know that cars have become more and more like “PCs on wheels” and that computers control everything relating to starting and stopping driving a car.
It was reported in the article that in recent demonstrations, hackers have shown they can slam a car’s brakes at freeway speeds, jerk the steering wheel and even shut down the engine – all from their laptop computers. It was stated that the hackers are publicizing their work to reveal vulnerabilities present in a growing number of car computers. All cars and trucks contain anywhere from 20 to 70 computers. These computers control everything from acceleration to the brakes to power steering to cruise control to the windows. All the computers are connected to an internal network. It appears at least two hackers have recently managed to find their way into these intricate networks.
It was stated in the article that there have been no real-world cases of a hacker remotely taking over a car. But experts say high-tech hijackings will get easier as automakers give them full Internet access and add computer-controlled safety devices that take over driving duties, such as acceleration, braking or steering, in emergencies. Another aspect is a possibility: A tech-savvy thief could unlock the doors and drive off with the owner’s vehicle. Rich Mogull, CEO of Phoenix-based Securosis, a security research firm, stated:
The more technology they add to the vehicle, the more opportunities there are for that to be abused for nefarious purposes. Anything with a computer chip in it is vulnerable, history keeps showing us.
During the last 25 years, automakers have gradually computerized functions such as accelerating, shifting, steering, and braking. Electronic gas pedal position sensors have replaced the old throttle cables. Electronic parts also reduce weight and help cars use less gasoline. The networks of little computers inside today’s cars are said to be fertile ground for hackers.
Charlie Miller, a St. Louis-based security engineer for Twitter, and fellow hacker Chris Valasek, director of intelligence at a Pittsburgh computer security consulting firm, were said to have maneuvered their way into the computer systems of a 2010 Toyota Prius and a 2010 Ford Escape through a port used by mechanics. Valasek said they “could control steering, braking, acceleration to a certain extent, seat belts, lights, horn, speedometer, gas gauge.” It was stated that these hackers used a federal grant to expose the vulnerability of car computers. But even with their expertise, it seems to have taken them nine months to get in. Valasek and Miller released a report, including instructions on how to break into the cars’ networks, at a hacker convention held in August. It was stated there that the two hackers believed that drawing “attention” to the problems would get automakers to “fix” them. According to the men, automakers haven’t yet added security to the ports.
Ford said in a statement that it takes security seriously, and that Miller and Valasek needed physical access to the cars to hack in. Toyota said it has added security and continually tests it to stay ahead of hackers. The company said its computers are programmed to recognize “rogue commands” and reject them. Two years ago, researchers at the University of Washington and University of California, San Diego did more extensive work, hacking their way into a 2009 midsize car through its cellular, Bluetooth and other wireless connections – even the CD player.
Dr. Stefan Savage, a UCSD computer science professor, said he and other researchers could control nearly everything but the car’s steering. He said they “could have turned the brakes off, could have killed the engine” and “could have engaged the brakes.” Savage didn’t identify which manufacturer made the car they hacked into. But it was reported that the car was from General Motors and the researchers compromised the OnStar safety system, best known for using cellular technology to check on customers and call for help in a crash.
GM issued a statement saying it takes security seriously and is putting strategies in place to reduce risk. It was reported that GM engineers initially dismissed the researchers’ work, but after reading the report, quickly moved to close holes that allowed access to the car’s computers. Dr. Savage says he doesn’t think common criminals will be able to electronically seize control of cars anytime soon. He believes that it would take too much time, expertise, money and hard work currently to hack into the multitude of computer systems.
As reported, it would take “a rarefied group” with “the resources and wherewithal” to accomplish this type hacking. Instead, Savage believes basic theft is a more likely consequence of computerization. Criminals could be able to unlock doors remotely and then start and drive the car by hacking through the diagnostic port. Remote door unlocking could also lead to theft of packages, phones and other items that are stored in a car. I am not sure what will come from this study and report, but it certainly raises some interesting issues.
Sources: Tom Krisher, Law360.com and Claims Journal
Contact us today for a free legal consultation with an experienced attorney.
Fields marked *may be required for submission.
If you would like to subscribe to the Jere Beasley Report digital edition, simply visit our Subscriptions page and provide the necessary information or call us at 800-898-2034.
Attorney Advertising - Prior results do not guarantee a similar outcome.