Not even a week has passed since I was writing about “Not yet worried about vehicle hacking? You should be!” and we see in the news that at Blackhat that exactly this is happening.
At BlackHat USA this week, the security researchers Charlie Miller and Chris Valasek are scheduled to present their latest findings in the world of car hacking. Again !
Miller and Valasek have already made names for themselves last year with the dramatic hacking of Jeep Cherokee, a interfering with its entertainment system, engine and brakes, while it was being driven down a busy highway at 70mph. Fiat Chrysler announced back then a safety recall of 1.4 million vehicles.
Now, the situation changed.
“By sending carefully crafted messages on the vehicle’s internal network known as a CAN bus, they’re now able to pull off even more dangerous, unprecedented tricks like causing unintended acceleration and slamming on the car’s brakes or turning the vehicle’s steering wheel at any speed.”(Wired)
Watch for yourself the movies on YouTube:
What does this mean?
Thankfully, their previous work helped Chrysler create a security update to fix the flaw that gave them their earlier, remote access to the Jeep’s guts. This new hack, however, is still possible on patched Jeeps like the one they tested. And the real reason for extending their Jeep attack is to demonstrate what the full consequences of a digital attack on cars or trucks would have looked like in the absence of that patch; Their full-speed attack on the Jeep’s steering and acceleration is what could happen the next time sophisticated hackers find a wireless foothold on a vehicle’s network.
If a car can be altered with a device (smartphone?) that can connect to the CAN-BUS, then anything can happen.
Like suddenly driving you at full speed into a wall or in the traffic coming from the other direction.
Great! Now what?
This is worrisome.. Why? Because there are many other cars out there that might have the same issue.
I will post here about future hacks.
© Copyright 2016 Sorin Mustaca, All rights Reserved. Written For: Sorin Mustaca on Cybersecurity
Check www.endpoint-cybersecurity.com for seeing the consulting services we offer.
Visit www.itsecuritynews.info for latest security news in English
Besuchen Sie de.itsecuritynews.info für IT Sicherheits News auf Deutsch