[article] Forbes: "Hackers Reveal Nasty New Car Attacks--With Me Behind The Wheel (Video)" from Coralie Mercier on 2013-07-26 (public-autowebplatform@w3.org from July 2013)

From: Coralie Mercier <coralie@w3.org>
Date: Fri, 26 Jul 2013 17:19:13 +0200
To: public-autowebplatform@w3.org
Message-ID: <op.w0t4ubmpsvvqwp@sith.local>
Dear participants of the Automotive and Web Business Group,

I'd like to bring this article to your attention.

Best regards,
Coralie

====


http://www.forbes.com/sites/andygreenberg/2013/07/24/hackers-reveal-nasty-new-car-attacks-with-me-behind-the-wheel-video/
Hackers Reveal Nasty New Car Attacks--With Me Behind The Wheel (Video)
7/24/2013 @ 9:00AM |294,057 views

This story appears in the August 12, 2013 issue of Forbes.

======
Stomping on the brakes of a 3,500-pound Ford Escape that refuses to  
stop–or even slow down–produces a unique feeling of anxiety. In this case  
it also produces a deep groaning sound, like an angry water buffalo  
bellowing somewhere under the SUV’s chassis. The more I pound the pedal,  
the louder the groan gets–along with the delighted cackling of the two  
hackers sitting behind me in the backseat.

Luckily, all of this is happening at less than 5mph. So the Escape merely  
plows into a stand of 6-foot-high weeds growing in the abandoned parking  
lot of a South Bend, Ind. strip mall that Charlie Miller and Chris Valasek  
have chosen as the testing grounds for the day’s experiments, a few of  
which are shown in the video below. (When Miller discovered the  
brake-disabling trick, he wasn’t so lucky: The soccer-mom mobile barreled  
through his garage, crushing his lawn mower and inflicting $150 worth of  
damage to the rear wall.)

“Okay, now your brakes work again,” Miller says, tapping on a beat-up  
MacBook connected by a cable to an inconspicuous data port near the  
parking brake. I reverse out of the weeds and warily bring the car to a  
stop. “When you lose faith that a car will do what you tell it to do,” he  
adds after we jump out of the SUV, “it really changes your whole view of  
how the thing works.”

This fact, that a car is not a simple machine of glass and steel but a  
hackable network of computers, is what Miller and Valasek have spent the  
last year trying to demonstrate. Miller, a 40-year-old security engineer  
at Twitter, and Valasek, the 31-year-old director of security intelligence  
at the Seattle consultancy IOActive, received an $80,000-plus grant last  
fall from the mad-scientist research arm of the Pentagon known as the  
Defense Advanced Research Projects Agency to root out security  
vulnerabilities in automobiles.

The duo plans to release their findings and the attack software they  
developed at the hacker conference Defcon in Las Vegas next month–the  
better, they say, to help other researchers find and fix the auto  
industry’s security problems before malicious hackers get under the hoods  
of unsuspecting drivers. The need for scrutiny is growing as cars are  
increasingly automated and connected to the Internet, and the problem goes  
well beyond Toyota and Ford. Practically every American carmaker now  
offers a cellular service or Wi-Fi network like General Motors’ OnStar,  
Toyota’s Safety Connect and Ford’s SYNC. Mobile-industry trade group the  
GSMA estimates revenue from wireless devices in cars at $2.5 billion today  
and projects that number will grow tenfold by 2025. Without better  
security it’s all potentially vulnerable, and automakers are remaining mum  
or downplaying the issue.

As I drove their vehicles for more than an hour, Miller and Valasek showed  
that they’ve reverse-engineered enough of the software of the Escape and  
the Toyota Prius (both the 2010 model) to demonstrate a range of nasty  
surprises: everything from annoyances like uncontrollably blasting the  
horn to serious hazards like slamming on the Prius’ brakes at high speeds.  
They sent commands from their laptops that killed power steering, spoofed  
the GPS and made pathological liars out of speedometers and odometers.  
Finally they directed me out to a country road, where Valasek showed that  
he could violently jerk the Prius’ steering at any speed, threatening to  
send us into a cornfield or a head-on collision. “Imagine you’re driving  
down a highway at 80 ,” Valasek says. “You’re going into the car next to  
you or into oncoming traffic. That’s going to be bad times.”

A Ford spokesman says the company takes hackers “very seriously,” but  
Toyota, for its part, says it isn’t impressed by Miller and Valasek’s  
stunts: Real carhacking, the company’s safety manager John Hanson argues,  
wouldn’t require physically jacking into the target car. “Our focus, and  
that of the entire auto industry, is to prevent hacking from a remote  
wireless device outside of the vehicle,” he writes in an e-mail, adding  
that Toyota engineers test its vehicles against wireless attacks. “We  
believe our systems are robust and secure.”

[img]
[img description] Anatomy of an auto hack: With just a laptop connected to  
its diagnostics port, Valasek and Miller turned an innocent Prius into the  
world's worst amusement park ride. Here what they could do.(Click to  
enlarge)

But Miller and Valasek’s work assumed physical access to the cars’  
computers for a reason: Gaining wireless access to a car’s network is old  
news. A team of researchers at the University of Washington and the  
University of California, San Diego, experimenting on a sedan from an  
unnamed company in 2010, found that they could wirelessly penetrate the  
same critical systems Miller and Valasek targeted using the car’s  
OnStar-like cellular connection, Bluetooth bugs, a rogue Android app that  
synched with the car’s network from the driver’s smartphone or even a  
malicious audio file on a CD in the car’s stereo system. “Academics have  
shown you can get remote code execution,” says Valasek, using hacker  
jargon for the ability to start running commands on a system. “We showed  
you can do a lot of crazy things once you’re inside.”

One of the UCSD professors involved in those earlier tests, Stefan Savage,  
claims that wireless hacks remain possible and affect the entire industry:  
Given that attacks on driving systems have yet to be spotted outside of a  
lab, manufacturers simply haven’t fully secured their software, he says.  
“The vulnerabilities that we found were the kind that existed on PCs in  
the early to mid-1990s, when computers were first getting on the  
Internet,” says Savage.

As cars approach Google’s dream of passenger-carrying robots, more of  
their capabilities also become potentially hackable. Miller and Valasek  
exploited Toyota’s and Ford’s self-parking functions, for instance, to  
hijack their vehicles’ steering. A car like the 2014 Mercedes Benz  
S-Class, which can negotiate stop-and-go traffic or follow a leader  
without input, may offer a hacker even more points of attack, says Gartner  
Group analyst Thilo Koslowski. “The less the driver is involved, the more  
potential for failure when bad people are tampering with it,” he says.

In the meantime, Miller and Valasek argue that the best way to pressure  
car companies to secure their products is to show exactly what can be done  
with a multi-ton missile on wheels. Better to experience the panic of a  
digitally hijacked SUV now than when a more malicious attacker is in  
control. “If the only thing keeping you from crashing your car is that no  
one is talking about this,” says Miller, “then you’re not safe anyway.”
======

-- 
  Coralie Mercier  -  W3C Communications Team  -  http://www.w3.org
mailto:coralie@w3.org +33643220001 http://www.w3.org/People/CMercier/
Received on Friday, 26 July 2013 15:19:22 UTC