A journalist for the magazine Wired has written about how his car was “remotely killed” while he drove at 70 mph in America.
“Though I hadn’t touched the dashboard, the vents in the Jeep Cherokee started blasting cold air at the maximum setting, chilling the sweat on my back through the in-seat climate control system” writes reporter Andy Greenberg. “Next the radio switched to the local hip hop station and began blaring Skee-lo at full volume. I spun the control knob left and hit the power button, to no avail. Then the windshield wipers turned on, and wiper fluid blurred the glass.”
Mr Greenberg was part of an experiment, where he agreed to work with two hackers, Charlie Miller and Chris Valasek, to test the car-hacking research they’d been doing over the past year. The result of their work, he wrote, was a hacking technique that can target Jeep Cherokees and give the attacker wireless control, via the Internet, to any of thousands of vehicles.
But then, as he writes, it ceased to be “fun”, when the transmission was cut.
“Immediately my accelerator stopped working. As I frantically pressed the pedal and watched the RPMs climb, the Jeep lost half its speed, then slowed to a crawl. This occurred just as I reached a long overpass, with no shoulder to offer an escape. Cars lined up behind my bumper before passing me, honking. I could see an 18-wheeler approaching in my rearview mirror. I hoped its driver saw me, too, and could tell I was paralyzed on the highway.”
All of this is possible only because Chrysler, like practically all carmakers, is doing its best to turn the modern automobile into a smartphone. Uconnect, an Internet-connected computer feature in hundreds of thousands of Fiat Chrysler cars, SUVs, and trucks, controls the vehicle’s entertainment and navigation, enables phone calls, and even offers a Wi-Fi hot spot. And thanks to one vulnerable element, it means anyone who knows the car’s IP address gain access from anywhere in the country.
Andy Greenberg adds that “the most disturbing” manoeuvre came when they cut the Jeep’s brakes, leaving him pumping the pedal as the vehicle slid into a ditch (pictured).
Miller and Valasek plan to publish a portion of their exploit on the Internet, timed to a talk they’re giving at the Black Hat security conference in Las Vegas next month.
Picture above – Wired. Full report here.