Intelligent Machines

Taking Control of Cars From Afar

Researchers show they can hack into cars wirelessly.

Researchers who have spent the last two years studying the security of car computer systems have revealed that they can take control of vehicles wirelessly.

Hacked dash: Researchers have previously shown they can take control of a car’s dashboard display, among other systems.

The researchers were able to control everything from the car’s brakes to its door locks to its computerized dashboard displays by accessing the onboard computer through GM’s OnStar and Ford’s Sync, as well as through the Bluetooth connections intended for making hands-free phone calls. They presented their findings this week to the National Academies Committee on Electronic Vehicle Controls and Unintended Acceleration, which was brought together partly in response to last year’s scandal over supposed problems with the computerized braking systems in Toyota Priuses.

The team, including Tadayoshi Kohno, an assistant professor of computer science at the University of Washington, and Stefan Savage, a professor of computer science at the University of California, San Diego, had previously shown that they could take control of a car’s computer systems, provided that they had physical access to the vehicle’s onboard diagnostics port—a federally mandated access point located under the dashboard in almost all modern cars.

With the new work, the researchers systematically analyzed ways they could get at a car’s computer systems without having physical access. They used a 2009 mass-production sedan equipped with fewer computer systems than many high-end cars. For each attack that succeeded, they confirmed that they could take complete control of all of the car’s internal computer systems.

The researchers attacked the car’s Bluetooth system, which allows a driver to make hands-free cell-phone calls. They found a vulnerability in the way the Bluetooth system was implemented that allowed them to execute code to take control of the car. To do this, the researchers used a smart phone already paired with the car or found a way to illicitly authorize a new smart-phone connection.

Nowadays many cars come equipped with cellular connections that perform safety functions, such as automatically calling for help if the driver is in a crash. The researchers found that they could take control of this system by breaking through its authentication system. First, they made about 130 calls to the car to gain access, and then they uploaded code using 14 seconds of audio. The researchers also found other ways to gain access, for example via the car’s media player.

“We were surprised to find that the attack surface was so broad,” Kohno says, referring to the wide variety of ways the researchers were able to gain access to the car’s computer systems.

The team analyzed possible attack scenarios as well. For example, they showed that high-tech car thieves could search for desired models of cars, identify their locations, and unlock them, all without any forced entry. They could conduct malicious surveillance, such as forcing a car to send out its GPS location at regular intervals. They could also sabotage a car, by disabling its brakes, for example.

There is no evidence that any of these attack scenarios have been used by criminals, and there’s little immediate danger to consumers, the researchers say. “Both Stefan and I still feel perfectly comfortable driving our cars,” Kohno says.

“This took 10 researchers two years to accomplish,” Savage adds. “It’s not something that one guy is going to do in his garage.”

However, it may be time for manufacturers to start looking for ways to protect cars from hacker attacks. Louis Lanzerotti, a distinguished research professor in the physics department at the New Jersey Institute of Technology and the chair of the Committee on Electronic Vehicle Controls and Unintended Acceleration, says the researchers were invited to speak at the event as part of its review of electronic vehicle controls, systems, and safety across the industry. The group will assemble the information it gathers to make recommendations to the National Highway Traffic Safety Administration regarding ways to ensure that electronic vehicle controls are safe.

“Attacking cars remotely significantly broadens the threat and greatly increases the impact of this and [the researchers’] previous work,” says Aurélien Francillon, a researcher in the system security group at ETH Zurich, in Switzerland, who has also worked on automotive security. “It is time for car manufacturers, as they become software companies, to take software security very seriously and apply both common best practices in software hardening and formal design and verification methods.” Though Francillon acknowledges that this will increase the expense of developing and engineering systems for cars, he believes that added investment will be necessary as more software attacks become public.

Some manufacturers are already working on better security, Francillon notes, and several European research projects are under way, such as Evita, in addition to work being done by the Center for Automotive Embedded Systems Security.

Savage believes that, despite the broad range of vulnerabilities the research found, the problems will be addressed. “We may see a good outcome here,” he says.

The latest Insider Conversation is live! Listen to the story behind the story.

Subscribe today
Already a Premium subscriber? Log in.

Uh oh–you've read all of your free articles for this month.

Insider Premium
$179.95/yr US PRICE

More from Intelligent Machines

Artificial intelligence and robots are transforming how we work and live.

Want more award-winning journalism? Subscribe to Insider Plus.
  • Insider Plus {! insider.prices.plus !}*

    {! insider.display.menuOptionsLabel !}

    Everything included in Insider Basic, plus ad-free web experience, select discounts to partner offerings and MIT Technology Review events

    See details+

    What's Included

    Bimonthly magazine delivery and unlimited 24/7 access to MIT Technology Review’s website

    The Download: our daily newsletter of what's important in technology and innovation

    Access to the magazine PDF archive—thousands of articles going back to 1899 at your fingertips

    Special discounts to select partner offerings

    Discount to MIT Technology Review events

    Ad-free web experience

/
You've read all of your free articles this month. This is your last free article this month. You've read of free articles this month. or  for unlimited online access.