Here’s a chilling thought: hackers have figured out a way to remotely manipulate cars. In a feature over on Wired, writer Andy Greenberg says he was driving on the highway when a Jeep Cherokee he was riding in suddenly began going haywire, taking on a mind of its own, until eventually rolling into a ditch.
Charlie Miller and Chris Valasek, two security experts set to give a Black Hat talk, demonstrated the exploit while Greenberg was driving down the highway in St. Louis. In the demonstration, which takes advantage of Fiat Chrysler Automobiles’ Uconnect software, Miller and Valasek were able to operate the climate control, radio, windshield wipers and even project themselves onto the Cherokee’s in-dash display. Worse, if Miller and Valasek wanted to, they could have controlled the transmission and even cut the brakes.
The truly horrifying part is that there was nothing Greenberg could do to stop it. In more nefarious hands, the exploit could lead to some very unfortunate results. What’s amazing is that Miller and Valasek were able to demonstrate the terrifying exploit using an Internet connection more than 10 miles away. Greenberg was merely a guinea pig in one messed up experiment.
Uconnect is installed in hundreds of thousands of cars, from 2013 on, which means a lot of people are potentially at risk. Miller and Valasek are urging drivers to update their onboard software in order to avoid any potential issues, though it’s frightening that an exploit was even discovered in the first place.
For a more thorough explanation of exactly how the exploit works, and what it’s like to be behind the wheel of one of the affected cars, head on over to Wired for Greenberg’s full account. Hint: it isn’t pretty.