Hacking a Car Will be as Easy as Hacking a Computer
The late journalist Micheal Hastings, after publishing provocative articles about US generals, suspected his car had been tampered with shortly before he died in a strange crash. There is evidence to support that idea that vehicles controlled by hackers could cause fatalities.
According to a prominent security analyst, technology exists that could’ve allowed someone to hack his car. Former U.S. National Coordinator for Security, Infrastructure Protection, and Counter-terrorism Richard Clarke told The Huffington Post that what is known about the single-vehicle crash is “consistent with a car cyber attack.”
Clarke said, “There is reason to believe that intelligence agencies for major powers” — including the United States — know how to remotely seize control of a car.
[Red Ice: Was Michael Hastings Murdered?]
The future of driving involves not only constant surveillance from inboard monitoring services like ’OnStar’, but also mandatory black boxes, and behavior monitors.
These easily hackable vehicles, combined with shoddy password protection seems to be a crisis waiting to unfold. Perhaps not surprisingly, this problem is resolved through the implementation of ’personal authentication’, which can consist of microchips in the body, or electric tattoos - not a solution welcomed by everybody, certainly.
Obviously since the car tech is out there and will become part of everyday life, as ubiquitous as computers, tablets, and smartphones are now, different solutions need to be found that don’t necessarily require microchips implanted in our bodies. That seems to be setting up a scenario where our BODIES are hacked instead of our cars.
More from Motherboard...
Hacking a Car Shouldn’t Be as Easy as Hacking a Computer
By Meghan Neal | Motherboard
As you’ve no doubt picked up on by now, the future car is, for better or worse, a computer with wheels. You log in to your car with a password to control the digitized features. The car comes with built-in internet and downloadable apps. Toyota’s new electric concept is named the "iRoad." As Motherboard’s Derek Mead reported from CES this year, the trend is crystal clear: "Every car is going to get smarter and more connected, and no car will be worth its salt unless it’s got an app."
There’s a lot of cool shit you can do with a smart car. The problem with having an automobile that works just like a computer is it can be hacked just like a computer—in other words, far too easily.
At the Black Hat Asia security conference in Singapore over the weekend, security consultant Nitesh Dhanjani demonstrated just how easily it is to break into and control a vehicle, specifically a Tesla Model S.
Dhanjani focused his research on the all-electric car because it’s leading the trend of computerized vehicles. The Model S comes with 3G data and wireless internet, its API is open to third-party developers who are starting to build apps for the car, and the car is remote-controllable via the Tesla iPhone app (screenshot below).
That app is accessed with a six-digit password that Tesla owners set up when they first buy the car. Dhanjani’s report spells out how insecure this is, especially since the system doesn’t lock you out after numerous incorrect attempts.
It’d take a hell of a long time to try to brute-force the password, but without a lockout, it’s not impossible. If that didn’t work, a phishing scheme could potentially be successful, Dhanjani explained. Or perhaps a bit of social engineering aimed at Tesla customer service employees or the owner could work. In any case, Dhanjani’s point is that if a car has a password, that password can be swiped.
Read the full article at: motherboard.vice.com