ANATOMY OF A CAR HACK

Posted By Simon Montford on Oct 22 2015

A few months ago a technology journalist called Andy Greenberg, a reporter who works for Wired, asked two computer experts to hack his car. Even though he was obviously aware of their intentions, he still found the experience of losing control of his vehicle very unsettling. At one point, he even had to beg them to stop!

A growing number of cars on the road come with integrated computer systems as standard, with some vehicles containing over 100 microprocessors, which run everything from dashboard “infotainment” systems to critical systems that control the car’s transmission, engine, and exhaust systems.

Given that almost every new car manufactured today is fully "computerised", there is a growing concern that these "connected" cars could potentially be hacked, making them vulnerable to anyone with nefarious intentions. Once they are able to remotely access a vehicle's critical systems they, not you, are in control! With cars becoming more connected internally and externally via wi-fi, satellites, cell signals, and even the relatively new Intelligent Transportation Systems standard (US | EU), the number of ways for people to hack into a vehicle, and take control is greater than ever.

Since Andy Greenberg's experiment, a spat has erupted between Scientific American and Wired. The furore began when the aforementioned publication published a column by David Pogue that accused Wired of "scare tactic journalism". Well today Wired responded with the following rebuttal:

"In our recent reporting on the digital threats to automobile safety, we weren’t just offended by the assorted errors that outnumbered any facts in the piece—some of which Scientific American editors have noted in a series of corrections. We also take issue with Pogue’s fundamental argument: That reporting on the growing threat to vehicle cybersecurity isn’t legitimate because “car hacking is nearly impossible.” 

The full article can be viewed here, but in summary the Wired article reinforces that there is a threat, it is very real, and both the car industry and consumers alike must remain vigilant.  

That's why I decided to write this article, however most of the credit should go to a US security company company called Arxan that are on a mission to stop car hacking. Although the company has developed a series of hacker-thwarting technologies that utilize obfuscation and code protection techniques, Arxan also wishes to raise awareness of the potential threat among car owners. They feel this is important because most people don't even know it's possible to hack a car. By helping Arxan spread the word, it is hoped that drivers will become better educated about the techniques, and technologies used by hackers, which will hopefully encourage them to be more careful, and do what they can to prevent a hack. 
​
As a result, the people at Arxan have put together the following infographic (below) to help spread the word. Please feel free to share and post it, so that more drivers can be better protected.

Please note that some of the info provided may only be relevant to owners of connected vehicles in the US, as standards vary from country to country. Please feel free to comment below, and share your experiences, and tips with regard to protecting your vehicle against cyber attack. 

​Subscribe to our newsletter and you’ll receive product updates as well as the latest IOT news delivered straight to your inbox.

Technical Terminology

For those who aren’t familiar with the technologies associated with connected cars, we also created the handy reference below:
802.11p (WAVE/DSRC) – This is a new wireless standard that enables Intelligent Transportation Systems to allow cars to communicate with other cars as well as infrastructure systems, such as traffic signals or parking meters.

Bluetooth – A short-range wireless technology, bluetooth can be used to connect phones, audio devices, GPS, and more.

Cellular – Cellular data services aren’t just for phones: They are also used in car “infotainment” systems, such as Uconnect, and safety and location systems like OnStar.

Near-Field Communications (NFC) – Most popular for things like mobile payments (e.g., Apple Pay), NFC can trigger a variety of vehicle actions, from ignition to climate control and much more.

USB – Short for Universal Serial Bus, USB is an industry standard for connecting peripheral devices to computers and other electronic devices.

Wi-Fi – Wi-Fi in cars uses high-speed 4G LTE connections to allow a wide range of device connections, such as streaming videos or general internet connectivity.

Download the Infographic to Share: Arxan_Connected_Car_Security_Infographic_pdf