A hacking incident led to the recall of 1.4 million Dodge, Jeep, Ram and Chrysler vehicles (Image: Joe Raedle/Getty)
A couple of weeks ago, a small team of security researchers gathered near a car parked outside one of their company’s buildings. The vehicle was on loan to them from a carmaker, and the goal was to find out how hackable it was.
The team did not need to physically connect to the vehicle or even enter it – they simply jacked in over Wi-Fi. When they did, they soon found an unexpected vulnerability.
“There was a route through to the vehicle network where the more sensitive, safety critical systems are,” explains Andy Davis of NCC Group, an information security specialist based in Manchester, UK. He says his team could have used this security breach to fiddle with the car’s automatic braking.
“If someone thought their automated braking was turned on, we could have turned it off without them knowing.”
It’s the kind of penetration test that NCC Group and their partner SBD, an automotive security specialist based in Milton Keynes, UK, do for car companies all the time. In fact, the firms say they carry out work for around 95% of the world’s vehicle manufacturers.
News that security researchers Chris Valasek and Charlie Miller were able tomade international headlines recently. It also resulted in the recall of 1.4 million vehicles by Fiat Chrysler, which owns Jeep.
This entry passed through the Full-Text RSS service – if this is your content and you’re reading it on someone else’s site, please read the FAQ at fivefilters.org/content-only/faq.php#publishers.