You think you’re in control of your car.
You’re driving down the highway at 75mph, singing along to your favorite song, when weird things start to happen.
First, the radio station changes to something you weren’t expecting. Next, your car horn blares and your headlights flash on and off like crazy.
Finally, the power cuts out. You’re left stranded on the side of the road. Your vehicle won’t start, and you have absolutely no idea what’s going on.
That’s when you realize you have no control over your car at all But these strange goings on aren’t anything supernatural. They’re the work of hackers, and they’ve taken control of your car.
It might all sound as unlikely as a ghost story. But it’s real—real enough for Chrysler to patch its Jeep line against hacking attacks.
Have driver safety and privacy taken a bizarre turn? We’re afraid so.
Computers On Wheels
Of course, the auto industry has been going down this road for a while now. Over the last couple of decades, cars have been transforming into computers on wheels. And what are computers, if not hackable?
At first there were trip calculators and diagnostic systems. Now the latest cars from marques like Ford and Infiniti have built-in Wi-Fi, Bluetooth, and telematics systems.
Security researchers Charlie Miller and Chris Valasek have already set about exposing the vulnerabilities. “The most hackable cars had the most features and were all on the same network and could all talk to each other,” they say.
Miller and Valasek’s Research Findings
2014 Infiniti Q50
The 2014 Infiniti Q50 was highly vulnerable to hacking, because its telematics, Bluetooth, and radio functions are on the same network as the engine and brakes. This makes it easier for a hacker to take control of the vehicle itself.
2014 Jeep Cherokee
In the 2014 Jeep Cherokee, “the radio can always talk to the brakes.” This allowed them to remotely kill a Jeep driving at 70 mph in a live test for Wired magazine.
2010 Ford Escape & 2010 Toyota Prius
The 2010 Ford Escape and 2010 Toyota Prius were hacked by Miller and Valasek in 2013. The pair were able to take control of both vehicles via acceleration, braking, steering, and more.
And these are just some of the weaknesses researchers know about.
The problem is serious enough that the US Government to taking action. In July, Senator Edward J. Markey filed a bill demanding new standards for car security.
“Cars are a major part of the Internet of Things,” said the senator. “We’ve moved from an era of combustion engines to computerized engines, but we haven’t put into place the proper protections against hackers and data trackers.”
Car security is “maybe 20 years behind” computer OS security, according to former DARPA and Google researcher Peiter Zatko. “It’s abysmal… there’s no security in cars, and the systems are wide open.”
From A Thousand Miles Away
Not so long ago, all you had to do to secure your vehicle was lock the doors.
But with automotive cybersecurity lagging 20 years behind, intruders now have a new way to get inside your car.
By hacking General Motors’ OnStar telematics system, researchers from the University of Washington were able to remotely control GM vehicles from a thousand miles away back in 2011.
More new exploits are coming, and things will probably get a lot worse before the car industry catches up its cybersecurity game.
So if you think you’re in control of your car, think again. Thanks to the auto industry’s cybersecurity failings, a hacker could get in at any time.
This is #WTFWednesday, our in-depth look at the cyber-security and data privacy stories you need to know about. Have a friend who you suspect might be the target of car hackers? Share this story with them!
ExpressVPN’s #WTFWednesday brings you weird, shocking, and creepy stories about data privacy—pulled straight from the news. Think your privacy is yours? Think again. You will feel uncomfortable. You will be outraged. You will think, “WTF?!”
Like this post? Hate it? Read more horror stories about the invasion of your privacy in our #WTFWednesday archive.