It is hard to read the newspaper headlines and not see a new story about another major hacking incident. To put the impact of this most serious problem into perspective, Hackers are costing consumers and companies an estimated $375 to $575 billion per year. Other estimates have placed the total cost closer to $1 trillion. Few hackers are ever caught – particularly if they very good hackers. James Lewis, Center for Strategic and International Studies (CSIS) senior fellow, stated:
We don’t catch most cybercriminals and we don’t catch the most successful ones. That’s the heart of the problem. So far there is impunity for cybercriminals.
A report prepared by Mr. Lewis found that due to the billions of dollars lost at the hands of hackers, 200,000 jobs were lost in the United States alone. Aside from the financial cost, government entities have been hacked with regularity, causing a release of sensitive data and personal information.
Unfortunately, hacking risks extend beyond financial, government and privacy concerns, to health and safety issues as well. Over the past few years, testing has confirmed that hackers have the ability to hack into car computer systems, obtain access to the car, and manipulate the car to do what they want it to do. The Jeep “Hackers,” Charlie Miller and Chris Valasek, proved such a feat was possible when they hacked into a 2014 Jeep Cherokee in 2015, and paralyzed the car on Highway I-64 while it was being driven in traffic.
These “hackers” could even disable the car’s breaks at low speeds. Their testing caused Jeep to institute a recall of 1.4 million vehicles to patch vulnerabilities in Jeep software. In 2016, the Jeep Hackers returned to prove they could do even more – they hacked into a car and caused it to accelerate to high speeds, they could slam on the car’s bakes, or turn the car’s steering wheel at any speed. Miller had this to say, which is very scary:
You have one computer in the car telling it to do one thing and we’re telling it to do something else. Essentially, our solution is to knock the other computer offline.
Their second test, which involved a direct link to the vehicle as opposed to a remote hack, overrode contradicting signals that tell the parking brake not to activate, and, disabled steering so the steering wheel resisted the driver’s attempts to turn it. When they digitally turned the wheel at 30 miles per hour on an empty road, they crashed the Jeep into a ditch.
Vulnerabilities in vehicle software systems are not just limited to the ones mentioned above. In 2011, researchers at the University of California at San Diego and University of Washington found ways into the Chevy Impala’s computer system, which included everything from the car’s Onstar connection, a hacked smartphone connected to the infotainment system via Bluetooth, and a hack accomplished by inserting a CD containing malicious files into the vehicle’s CD player.
Car manufacturers are aware of these vulnerabilities. They have tried to respond as researchers have exposed those vulnerabilities. However, with cars relying more and more on computer systems and their access to satellite, Bluetooth and internet connectivity, the danger of vehicle hacking will persist. Miller had this to say:
We’re doing as much as we can to get manufacturers to build layers and layers of security into their cars. There’s no reason to think the bug we found and got patched [in 2015] is the only bug of its kind. There are definitely more vulnerabilities in other cars, and probably more in the Jeep, too.
Yoni Heilbronn, vice president of marketing at Argus Cyber Security, an automotive security company, observed:
The equation is very simple. If it’s a computer and it connects to the outside world, then it is hackable.
Hopefully, automakers and NHTSA will keep track of this potential threat and take all steps necessary to protect the public. This is a most serious problem.
Source: U.S. News & World Report, Wired, The Washington Post
Contact us today for a free legal consultation with an experienced attorney.
Fields marked *may be required for submission.
If you would like to subscribe to the Jere Beasley Report digital edition, simply visit our Subscriptions page and provide the necessary information or call us at 800-898-2034.
Attorney Advertising - Prior results do not guarantee a similar outcome.