Currently reading: Matt Prior's tester's notes - are we at risk from car hacking?

It's already been proven that hackers could gain access to a car's systems through its infotainment system - so should we be worried?

When, in 2013, hackers Charlie Miller and Chris Valasek hard-wired their laptops into a Ford Escape and a Toyota Prius and assumed control of the cars’ electronic systems from the back seat while a journalist from Wired magazine drove around a car park, some of the car industry raised an eyebrow about the potential for cars to be electronically hacked.

But back then, the pair of them needed access to a diagnostic port, and – hey – who’d give that sort of access to a hacker?

So last week, while the same Wired reporter drove a Jeep around the outskirts of St Louis, the same hackers sat on a sofa 10 miles away and remotely gained control of the car’s systems. Not just a few innocuous ones, 
such as the wipers or stereo, 
but ones like the engine, brakes and transmission.

So now everyone has raised an eyebrow and is wondering what the motor industry is going to do about a potentially catastrophic security flaw.Cars are more connected and, electronically, more complex than ever.

They’ve become that way innocently enough. As wiring looms for all of a car’s features – ABS, hi-fi, lighting, engine, transmission and so on – became massively complicated, a bright spark at Bosch had the idea of sharing a common set of wiring, called a CAN bus, along which power and data info could be passed.

The CAN bus saves a lot of wiring and therefore a lot of weight and money but means a car’s electronic control units – of which a car might have dozens – are all effectively connected to each other.

None of which would have been seen as a problem in the 1990s when CAN buses started being used, because no one would have thought you could sit in your pants on a sofa and gain malicious access to it.

But with increased internal complexity has come increased connectivity. So if, say, your stereo can stream from the web, or the diagnostics or the navigation or the multimedia system can talk to the outside world, that’s a portal that’s vulnerable to hackers.

And if the ECUs for the ABS, the self-park steering system, the throttle or even the automatic gearbox are all loosely connected to that same portal, they’re all fair game to a hacker.

The solution, of course, is that new security precautions will have to be reverse engineered into cars’ electronics systems –
systems that you probably didn’t want or ask for in the first place but which have become ever more prevalent and for which you’ll pick up the tab to make them more secure. Because although it’s unlikely someone will want to take control of 
your car, the implications of 
not securing the system don’t bear thinking about.

Get the latest car news, reviews and galleries from Autocar direct to your inbox every week. Enter your email address below:

Back to top

Matt Prior

Matt Prior
Title: Editor-at-large

Matt is Autocar’s lead features writer and presenter, is the main face of Autocar’s YouTube channel, presents the My Week In Cars podcast and has written his weekly column, Tester’s Notes, since 2013.

Matt is an automotive engineer who has been writing and talking about cars since 1997. He joined Autocar in 2005 as deputy road test editor, prior to which he was road test editor and world rally editor for Channel 4’s automotive website, 4Car. 

Into all things engineering and automotive from any era, Matt is as comfortable regularly contributing to sibling titles Move Electric and Classic & Sports Car as he is writing for Autocar. He has a racing licence, and some malfunctioning classic cars and motorbikes. 

Join the debate

Comments
8
Add a comment…
RPrior 7 August 2015

And now Tesla Model S..............

Wired published yesterday hackers had successfully gained access to a Tesla MOdel S.

Same day, Tesla issued an automatic software patch that Tesla owners could protect their vehicles (upon giving their consent).

Not for Tesla a recall of all their vehicles, merely a very efficient security solution delivered to all Tesla owners within 24 hours of security breach notification.

The way of the future..............

Adrian987 7 August 2015

Good news

RPrior wrote:

Wired published yesterday hackers had successfully gained access to a Tesla MOdel S.

Same day, Tesla issued an automatic software patch that Tesla owners could protect their vehicles (upon giving their consent).

Not for Tesla a recall of all their vehicles, merely a very efficient security solution delivered to all Tesla owners within 24 hours of security breach notification.

The way of the future..............

Welcome to hear. Funny how the "good news" like that never seems to hit all the headlines in the same way as the bad/shocking stories do!

DBtechnician 7 August 2015

For those really interested in car hacking

You should check this out :-
www.markey.senate.gov/imo/media/doc/2015-02-06_MarkeyReport-Tracking_Hacking_CarSecurity%202.pdf
DBtechnician 7 August 2015

Was Michael Hastings car hacked ?

Michael Hastings was found dead in his burnt out wreck after apparently having an accident on a straight road where no other vehicle was involved. What makes this accident stand out was Mr Hastings was a journalist working on a big story about the former director of the CIA John Brennan. Before his death he had expressed concerns to friends that the FBI were investigating him and his colleagues and that he had told a neighbour that he thought his car had been tampered with. Witnesses of the accident told how his car had just suddenly accelerated before hitting a tree? My opinion is this is no doubt within the capabilities of the CIA especially when you consider the Stuxnet Virus designed to interfere with the Iran Nuclear programme.