Should I Be Alarmed About Car Hacking?
This article is sponsored by JeepsAreUs.com.
The era of smart gadgets is upon us, molding our lives to resemble science fiction. Of course, the automotive industry is not exempt from offering these exciting upgrades. From all-in-one entertainment systems to sweet engine boosts, it’s no wonder long drives are hardly dreaded. But with great technological advancements come unintended pitfalls, and in the case of automobiles, car hacking is the greatest threat.
Numerous demonstrations have shown how dangerous it would be if a hacker got into your car’s system. Hijacked vehicles tend to malfunction and act like they have minds of their own. In 2015, for example, Charlie Miller and Chris Valasek simulated this with a Jeep Cherokee.
They had a volunteer drive the vehicle without informing him of how they will interfere with his driving. The two hackers messed with the Jeep’s air conditioning, radio, and windshield wipers before going for the accelerator and brakes of the vehicle. All of this hacking was done remotely. It didn’t take very long for the driver to tap out as he nearly got into an accident and was forced to maneuver the Jeep down an exit ramp into an empty lot.
Car hacking targets the electronic control unit (ECU) of a vehicle to exploit its vulnerabilities and gain control over its functionality. This hacking was only possible in the past if the computer was wired directly onto the car’s onboard diagnostic port. Miller and Valasek demonstrated this in 2013 by disabling the breaks of a Ford Escape and Toyota Prius from the backseat. They also commandeered the steering wheel and sounded the horn with their laptops. After two years, they developed software that is capable of hacking the ECU from miles away.
Being vulnerable to hacking attempts is the price to pay for equipping automotive control and entertainment systems with internet connectivity. The more a vehicle has in terms of wireless features, the more it is at risk of getting hacked. That’s because devices connected to an external network are always at risk of security breaches. Hackers can access sensitive data, perform keyless entries, and take full control over a car.
According to the Upstream Security Global Automotive Cybersecurity Report of 2019, the occurrence of automotive cyberattacks has increased sixfold since 2014. Cybercriminal incidences also overtook research-based car hacking in 2018. This means that reported hijacks are no longer confined within the safe spaces of demonstrations and are now posing real-life threats to drivers.
What’s more alarming is Miller and Valasek’s discovery of the dangers of having Uconnect. The Uconnect is an internet-connected system that serves as a centralized control center for a vehicle’s entertainment and navigation. It is available for Fiat Chrysler cars, trucks, and SUVs like the Jeep Cherokee and Jeep Wrangler. Uconnect also enables WiFi hotspot and hands-free phone calls.
Their research proved you could manipulate a vehicle with Uconnect from anywhere in the country over the internet as long as you know its IP address. So while the program certainly offers convenient features, you may want to think twice before relying on it entirely.
Fortunately, there are countermeasures in place to address these concerns. Car manufacturers work hand-in-hand with researchers to identify vulnerabilities and come up with solutions. Auto companies then release software updates for additional security. At the time of Miller and Valasek’s demonstration of hacking a Jeep, these patch upgrades had to be manually installed via a USB stick or by a dealership mechanic. Today, automobiles can now download security patches directly from the internet, similar to how smartphones and computers have their regular updates.
The United States Government is also acting on securing the safety of road users against car hacking. The Security and Privacy in Your Car Act of 2015 require manufacturers to inform their consumers as to what data are being collected, transmitted, and shared in their cars. It also outlines penalties and punishments such as life imprisonment for cybercriminals who have hacked into a vehicle’s system.
As a car owner, there are preventive steps you can take to improve your car’s cybersecurity. One of the most important things you can do is to update your software regularly. Since manufacturers are constantly debugging and improving their systems, it’s harder for hackers to infiltrate your system.
Be cautious of installing third-party apps and aftermarket parts that require access to your car’s operating system. Buy only from reputable stores and look for the words OEM parts (e.g., OEM Jeep Wrangler parts) when shopping. It’s also good practice to scan a device for viruses before hooking it up to your car. Finally, be sure to turn off all network connectivity when they’re not in use to prevent hackers from infiltrating your system.
While there is always a risk of car hacking in today’s tech-dominated world, the chances of someone gaining control over your car while you’re driving is pretty low. With appropriate safety precautions in place, cybertheft can be prevented. True enough, car hacking must be taken more seriously than ever as we continue with technological innovations.