Hackers Remotely Kill a Jeep on the Highway—With Me in It

Found on Wired on Wednesday, 22 July 2015
Browse Technology

Though I hadn’t touched the dashboard, the vents in the Jeep Cherokee started blasting cold air at the maximum setting, chilling the sweat on my back through the in-seat climate control system. Next the radio switched to the local hip hop station and began blaring Skee-lo at full volume.

Their code is an automaker’s nightmare: software that lets hackers send commands through the Jeep’s entertainment system to its dashboard functions, steering, brakes, and transmission, all from a laptop that may be across the country.

Thanks to one vulnerable element, which Miller and Valasek won’t identify until their Black Hat talk, Uconnect’s cellular connection also lets anyone who knows the car’s IP address gain access from anywhere in the country. “From an attacker’s perspective, it’s a super nice vulnerability,” Miller says.

Security should be important, and that not just mean brakes and airbags. With that ridiculous need to connect everything to the Internet, they open up an entire new can of worms. They might have control over the hardware development of the car, but when you import a piece of not audited software, your customers pay the price. Imagine someone figures out a similar exploit, sends it out via zombies and suddenly cars all over the world cause accidents.