Hacker safety risk for new cars

Every modern car is dependent, to some degree, on electronic brainpower. From the control of vehicle dynamics, to passenger entertainment and comfort, and, most significantly, to safety.

While some of us have lived with the silent, secret fear of the potential for things to go wrong in some of the systems on which we have become so dependent – such as stability control and anti-lock braking systems – thoughts of deliberately induced malfunctions have rarely entered our consciousness.

But a recent report in the US magazine Forbes suggests these are a possibility we may eventually have to face.

In a number of exercises involving a 2010 Ford Escape and a 2010 Toyota Prius, Forbes journalist and vehicle driver Andy Greenberg was joined by a couple of Pentagon-funded hackers travelling in the back seat who proved it was possible to access a car’s computer systems with the potential of wreaking serious damage.

With the understanding that any modern car is essentially a computer network on wheels, the dastardly couple progressively hacked into the electronics controlling the cars’ various dynamic systems.

From the steering, to the brakes and accelerator, the duo was able to override the driver and manipulate the cars’ behaviour to a potentially frightening degree.

Not only did they immobilise the braking system on the Escape to the extent the driver’s foot had no effect whatsoever, they also prompted the Prius’ steering system to jerk the car from side to side by operating the self-parking system on the move – again, with no input from the driver.

In both cases, the cars were travelling at barely more than walking pace so no damage was inflicted – although the Forbes report said one of the hackers partly wrecked the rear wall of his garage when he first discovered how to hack into the family vehicle’s braking system.

The Forbes article quotes examples of what the hacker pair was able to do: They induced “commands from their laptops that killed power steering, spoofed the GPS and made pathological liars out of speedometers and odometers,” as well as sounding the horn and violently activating the Prius’ brakes at high speeds.

Performing any such stunts on a public road would clearly have a potential for grisly results and that is why the hacker pair is bringing up the issue in early August at the annual Def Con hacker conference in Las Vegas.

They’re worried that the interactive onboard wireless systems being adopted by many car-makers are potentially open to hackers.

And the problem, they claim, is going to intensify as more and more cars connect to the internet. The magazine cites Ford’s SYNC system, Toyota’s Safety Connect and General
Motors’ OnStar as examples. The potential for future hackers to interfere by remote control with car electronics, even over vast distances, is very real.

Where does the industry stand? The Forbes article quoted Ford as saying it takes hackers “very seriously” while Toyota said it, and “the entire auto industry,” is focussed on preventing “hacking from a remote wireless device outside the vehicle”.

Despite such assurances it’s all a scary prospect. The car-driving public’s safety is pretty much in the hands of the manufacturers.