Ever since the mid-70s when a man called John Draper used a whistle that produced exactly 2,600 hertz to get free phone calls from AT&T, people have been hacking into electrical and computer systems. Sometimes it’s for fun, sometimes it’s because of ego and in other cases it’s for malicious purposes.
The idea was not lost on the makers of the now classic hacking movie War Games and also appears to be on the minds of leaders in government across the world, who spend a great deal of time and effort on preventing such things from happening. As we continue to move further and further into a digital existence, there are now more data and systems controlled via the internet and mobile signals than ever. Hacking has become not just a worry but a constant, tangible threat to people, companies and governments. But one area of hacking that had not hit the public consciousness until very recently is the very real potential of car hacking. It is now starting to create waves of worry through the industry and the buying public. But how much of an issue is it? And how much of an issue could it become?
The Story So Far…
In 2015, some hackers (who should really just be called researchers) working for Wired Magazine managed to take control of a Jeep while it was traveling at 70 mph. The headline information didn’t really go any deeper than that; the truth was perhaps a little less shocking but still concerning. The reality behind the story was that the researchers actually spent about a year with the car before hacking it.
This point has been eagerly made by many in the car industry in an attempt to diminish the worry about this kind of threat. However, any potential hacker can get hold of a car, and most criminal hackers can probably “source” a new car if they don’t simply buy one. So the idea that having to be in contact with the car for a long period in order for it to be hacked is not very realistic.
During the hack, the researchers were able to control various systems throughout the car, from the radio, lights and air conditioning to – rather more worryingly – the brakes. The technique used is called a zero-day exploit, and it is one the researchers said would have worked on any Chrysler model. This hack was well planned, taking a long time and a lot of research, but it highlighted a very considerable issue that Chrysler (the parent company of Jeep) took seriously and quickly addressed with a software update.
Many in the industry suggest this is not a real issue because for a car to be hacked, it has to have internet capabilities and currently very few cars do. But overlooking the issue because it currently only affects a minority of cars is a mistake. The idea of having fully connected cars is high on almost every manufacturer’s list – cars with access to the internet could become commonplace very quickly.
Tesla – Part 1
In May 2016 Joshua Brown sadly died at the wheel of his Tesla Model S. While Brown was driving in autopilot mode, a large truck pulled across the path of Mr. Brown – where both he and car failed to see it. The crash sent shockwaves across the automotive world, especially the parts that have been looking deeply into driverless cars. This incident lead to a team of researchers from the University of South Carolina, China’s Zhejiang University and the Chinese security firm Qihoo 360 to start trying to trick and “hack” Tesla’s autopilot systems. The work this team did was less aimed at the computers in the car and more at the gamut of different sensors that help control the car. This may not have been a true hack but it did show that new car systems using computers are potentially open to abuse.
Tesla – Part 2
Far more recently, another team of researchers from a different Chinese security company managed something considerably more concerning than both the previous Jeep hack and sensor tampering.
The team managed to hack into a Tesla car’s controller area network, which is known as the Can bus. It’s essentially a group of connected computers that are found inside most modern cars and control a multitude of functions. This hack allowed researchers to move the seats and work the lights and indicators, wing mirrors, wipers and brakes.
As with the Jeep hack, the car did need to be connected to the internet, more specifically through a malicious Wi-Fi hotspot set up by the hackers. The really worrying part about this hack is that it was done from about 12 miles away, and the team thinks it would have worked on any Tesla model.
As a result, just like Chrysler, Tesla made a very big deal about releasing an update to make sure this would not happen again.
All Is Well That Ends Well…
All in all, these hacks were simply noted, and updates were provided to stop them. The laser and more physical hack didn’t work very well, and Tesla suggested they failed to repeat any of the claimed results. So does this mean all connected car owners can rest easy?
There is an anti-hype movement about car hacking that claims because these initial hacks were tricky and updates have since blocked them. The problem with this is that it fails to take into account the underlying ingenuity of the human brain, the reasons behind hacking and the ever-advancing technology appearing on the market. This approach also fails to recognize the fact that as more manufacturers build connected cars, a larger number of them will be using their own operating systems, and some may not be very secure. Corners may be cut to save money, hackers will always be pushing the boundaries of what is possible and, in the middle of it all, there are likely to be more people driving cars that could potentially be stopped in the middle of a highway.
The Way Forward
The only way to address this potential threat is to be aware of it and act upon it. Manufacturers and researchers need to stay on top of this technology. Yes, this kind of research and extra software security will be costly, but it could also open up a whole new part of the automotive industry, and that can’t be a bad thing for jobs.
About the Author
Mike James is an independent content writer working together with motoring journalist Ade Holder and The AA Garage Guide.