Hackers plan to remotely hijack connected car
DARPA researchers plan to demo vulnerability of connected car at conferences
WASHINGTON – Cybersecurity researchers Charlie Miller and Chris Valasek, funded by the federal government, announced they will publicly hack a connected car or truck.
The duo received a 2013 grant from the Defense Advance Projects Research Agency to study the vulnerability of smart car technology.
Miller and Valasek said they will conduct demonstrations in August at the Black Hat and Defcon security conferences.
The researchers released a statement on a Black Hat website: “We will show the reality of car hacking by demonstrating exactly how a remote attack works against an unaltered, factory vehicle.”
“Starting with remote exploitation, we will show how to pivot through different pieces of the vehicle’s hardware in order to be able to send messages on the CAN bus to critical electronic control units. We will conclude by showing several CAN messages that affect physical systems of the vehicle.”
The two hackers have not yet released further details about their hack or specified the vehicle make and model of the smart car they’ll hijack.
This will not be the first time that a car has had its security breached. A 2011 study conducted by the University of San Diego demonstrated a car could have its breaks and steering controlled from an Android phone.
The idea of remotely controlling a vehicle has raised concern within the auto industry and from government regulators.
U.S. Sen. Ed Markey (D-Mass.), who sits on the Senate Commerce Committee, has issued a report that was highly critical of the automobile industry’s cybersecurity standards.
“Drivers have come to rely on these new technologies, but unfortunately the automakers haven’t done their part to protect us from cyberattacks or privacy invasions,” Markley said earlier this year.
“Even as we are more connected than ever in our cars and trucks, our technology systems and data security remain largely unprotected,” he said. “We need to work with the industry and cybersecurity experts to establish clear rules of the road to ensure the safety and privacy of 21st-century American drivers.”