Cars are full of computers, hidden away in the recesses of the car body, controlling things. Now imagine driving down a highway at 100km/h when your car all of a sudden comes to a stop. Guess what? Your car has been hacked! If you think this is science fiction, then think again. There are numerous articles on the net detailing how cars can be hacked, like this one from WIRED magazine on hackable cars. Why are cars so hackable? Firstly most modern cars contain anywhere from 50 to 100 computers controlling critical components such things as steering, acceleration and brakes. But usually these aren’t very smart computers, i.e. they don’t authenticate where messages are coming from. Secondly, most of these systems are interconnected, so breaching one means its easy to gain access to others. Hackers could access a car’s core control computer by creating a schism in the Internet-connected entertainment system and tamper with the steering. This article in Forbes by Andy Greenberg also shows the ease at which a car can be hacked.
These cars were quite safe in the 1990s, when cars were a closed box, but the addition of internet has turned them into a Pandora’s box of hack-ability How complex are these cars? Consider the code that sent Apollo 11 to the moon – 145,000 lines of code (LOC). NASA’s Curiosity Rover mission to Mars? 2.5 million LOC. The average modern car? 50-100 million LOC. The problem? Too much code, and likely code that isn’t built to the same standards as that found in banking applications, or the aerospace industry.
The most hackable cars? The Cadillac Escalade, Jeep Cherokee and Infiniti Q50. What makes them so vulnerable? They have a large wireless “attack” surface – things like Bluetooth, keyless entry, and wi-fi. These can be used by a hacker to gain entry into the system. Next the network architecture – how tightly coupled are these wireless entry points to critical systems, and the cars cyberphysical features, like parking assist.
Truly quit frightening.