Hackers Cut Car’s Engine as it Drives
In an earlier report I wondered if all the extra wifi tech in the latest cars would increase their vulnerability. Sadly that’s now happening; I see that a pair of ‘cybersecurity researchers’ have shown they can use the Internet to control a car engine as it drives, escalating the debate about the safety of increasingly ‘connected’ cars.
The hackers managed to remotely commandeer the controls of a Jeep, activating windscreen wipers and turning up the radio—even going as far as turning off the car’s engine in the middle of a main road! “The most disturbing manoeuvre came when they cut the Jeep’s brakes, leaving me frantically pumping the pedal,” said the driver.
The safety issues of this are enormous. Fiat Chrysler (makers of Jeep) says it has issued a fix for the most serious vulnerability involved. Is that enough? Why was it independent cybersecurity researchers who discovered this and not Fiat Chrysler’s own team? When software isn’t your main business, maybe cybersecurity is an afterthought.
Car makers are experts at engineering but they seem to struggle with software issues, and hackers continually look to exploit software weaknesses. We have crash safety standards, we have braking standards, lighting standards, and so on. But no standards at all that I know of for the software that increasingly controls our cars.
It’s surprising that more car makers don’t entrust the software to a specialist company. After all, the firm that makes my laptop doesn’t make the software.
How long until a driver accused of speeding tells the court they ‘suspect that their car’s software was hacked as it suddenly accelerated for a moment.’ After all, there’s now proof that it can happen…