ITWeb Security Summit shows how to hack a car
The ITWeb Security Summit is one of my favourite events. It is also one of the scariest events. Key-note speakers stand before a mix of 500 fellow security officials and company executives and explain in great detail just how insecure all our data actually is. Each hacker who refer to themselves as “security researchers” outlines flaws in encryptions, flaws in networks, flaws in email and basically flaws in everything we know to be true. Those companies who assume that just having a firewall and anti-virus systems means they are protected are the ones most at risk. They think that encryption of data offers them and their data security, but it doesn’t. As was quoted: “”If you think cryptography can solve your problem, then you don’t understand your problem and you don’t understand cryptography.”
One of this year’s highlights was the session titled:Hacking cars via the CAN bus. This session was run by Charlie Miller, security engineer at Twitter and four-time winner of the CanSecWest Pwn2Own competition and Chris Valasek, director: security intelligence, IOActive.
Car hacking is possible as the car systems were designed decades ago without security in mind. “If the age of the car is older than the hacker, then it probably has no security” jokes Chris.
How to hack you car – what you need to know
Warning: when you read this you will not look at your car the same way again. Of course do not attempt this at home and things can and do go horribly wrong.
When post people think of car hacking they think of someone being able to get into your car via Bluetooth or via the tire-pressure monitoring systems or via the car’s infotainment system. This is just one one way to hack the car. The first part of car hacking involves getting into the car’s system via the CAN Bus.
What is a CAN BUS ?
Modern day cars are full of computers. These computers, and there could be 30 of them or more, are known as ECU Electronic Control Units) . They communicate by sending messages from the ECUs to the required location (eg. seat warmer or fuel gage) and these messages travel using the protocol known as the CAN automotive bus.
Car hacking involves largely interception those messages and replacing them with the hacker’s own messages that “instruct” the car components what to do. The CAN messages are priority based. So messages ID05 will be delivered faster than messages ID06. Therefore hackers can set their ID to a low number so that the ECUs will react to those messages. The hacker can also send those messages much faster than the ECUs is expecting so they flood the system drowning out the real messages.
Charlie does reiterate that there are lots of safety features in the car’s design and certain components are connect directly to their objective eg. the accelerator has a direct line to the accelerator ECU so hackers cant intercept that. Furthermore, Charlies says that “If you want to change the speedometer value you cant change what that computer tells the speedometer so you have got to be louder than the ECU which is sent to report at certain intervals which hackers can attack faster.”
some examples of how Charlie and Chris hacked a car and what they made it do:
Take over the steering –
Disable the car’s off button –
Turn the hooter on even when the car is off –
Its pretty scary to think that software from a laptop can effect the way the car behaves.
How to secure a car ?
Whilst ideally all messages travelling inside the car’s system should be encrypted, in reality the computers in the car can not decrypt each message fast enough and still do their function. “It is not acceptable for the airbag to be deployed 0.1 second later. Waiting 0.1 seconds longer to get into Gmail is fine but not in applying the breaks” says Chris.
So the answer is not straight forward. But neither is the hack of the car’s system. Each car is unique and messages that work in one model will not work in another.
Will our cars be taken over by some kids with an internet connection ? probably not at this stage. However, as cars get “smarter” and more connected to the internet, then the problem will be amplified as hackers try find and expose security holes. Until then, a drunk driver or texting whilst driving is more of a threat.
*image from Shutterstock.com