A tiny, cheap gadget which can ‘hack’ into
the network of modern cars to receive radio commands ranging from
controlling steering and brakes to switching off headlights is to be
shown off at the Black Hat Asia security conference in Singapore next
month.
According to a report by Forbes’ Andy Greenberg,
the attack requires physical access to the vehicle – but the gadget,
designed by security researchers Javier Vazquez-Vidal and Alberto Garcia
Illera, is so discreet, attaching to a car’s internal network via the
Controller Area Network and drawing power from the vehicle, that it
could be used for delayed attacks. The hacking tool, which is just
smaller than an iPhone, can then receive wireless commands once it is
attached to the vehicle.
“It can take five minutes or less to hook it up and then
walk away,” Spanish researcher Vazquez Vidal told Greenberg. “We could
wait one minute or one year, and then trigger it to do whatever we have
programmed it to do.”
Vidal says that they have tested four different vehicles,
and that the degree of control varies according to make – but that they
were able to trigger emergency brakes, switch off headlights, and
trigger alarms via the device.
Writing on the Black Hat Asia
site, Vidal says, “In our previous presentation, we learned how did
the security in some car ECUs work, and we demonstrated how it could be
bypassed to modify their internal parameters, and even to recover a
bricked ECU. All of this was done over K-Line, a protocol that was used
on all vehicles up to 2010. This time, we will go one step further,
introducing the security existing in modern CAN bus enabled vehicles,
and of course, how it can be bypassed. We will show a custom made tool
that costs less than $20 to build and that is able to access the CAN bus
system, giving the possibility of taking control over a CAN enabled
vehicle remotely just by hooking four wires.”
Thus far, the CHT (CAN Hacking Tool) works via Bluetooth, so it has
limited range, but Vidal intends to upgrade it to receive GSM signals
via a cellphone network. Vidal claims the tool is “totally untraceable”.
Last year, a U.S. senator warned in a letter to 20 major auto
manufacturers that modern cars were increasingly vulnerable to attack
by hackers, either stealing information or injecting malware, as
reported by We Live Security.
Senator Edward J Markey, Democrat, Massachusetts, pointed out in his publicly available letter that average cars now have up to 50 electronic control units, often controlled by a car “network”.
The open letter ignited a spate of commentary, with Market Oracle
describing the crime as “cyberjacking”, and pointing out that the
average family car contains 100 million lines of computer code, and that
software can account for up to 40% of the cost of the vehicle,
according to researchers at the University of Wisconsin-Madison.
Hacks against cars have been demonstrated before – but thus
far, all have relied on attackers having physical access to the
vehicles. At the DefCon conference this year, two researchers showed how
they could seize control of two car models from Toyota and Ford by
plugging a laptop into a port usually used for diagnostics, as reported
by We Live Security.
So far, though, attacks where vehicles are “taken over” wirelessly have not been widely demonstrated.
“At the moment there are people who are in the know, there
are nay-sayers who don’t believe it’s important, and there are others
saying it’s common knowledge but right now there’s not much data out
there,” said Charlie Miller, one of the ‘car hackers’ at Defcon. “We
would love for everyone to start having a discussion about this, and for
manufacturers to listen and improve the security of cars.”