September 2015

Volume 30 Number 9

Editor's Note - Internet of Car Wrecks

By Michael Desmond | September 2015

I used to drive a Jeep Wrangler and I loved the bare bones character of the little truck. Hand-cranked windows, manual locks, a five-speed manual transmission, and doors that came off with just the turn of a couple nuts. There’s something to be said for luddite simplicity and ruggedness—especially given mounting evidence that new automobiles may be vulnerable to attack via their Internet-connected infotainment systems.

A recent article from Wired magazine (wrd.cm/1KvuymJ) describes how security experts Charlie Miller and Chris Valasek remotely hijacked a Jeep Cherokee SUV, using a zero-day exploit to hack into the car’s UConnect system, which operates on the Sprint cellular network and provides entertainment, navigation and communication functionality. From there, the article reports, they were able to rewrite firmware in the car’s entertainment head unit, which won them access to the controller area network (CAN) bus. The CAN bus is an industry standard conduit for car-based microcontrollers and devices to communicate with each other. Once Miller and Valasek had access to that, they gained a level of control over steering, brakes, throttle, and a host of other critical functions and controls.

It raises the question: In what world did it seem like a good idea for mission-critical controls to share trusted network space with infotainment systems linked to the public Internet? The CAN bus is inherently insecure. It’s unencrypted, provides no segmentation or firewalling of components on the network, and has no ability to discern malicious commands from legitimate ones.

In the article, author Andy Greenberg recounts driving as Miller and Valasek—working on a laptop 10 miles away—went to work, turning on the air-conditioning, blaring the radio at full volume, and activating the windshield wipers as wiper fluid sprayed across the glass. Inside the car, Greenberg was unable to counter any of these actions. A few minutes later Miller and Valasek disabled the transmission, causing the car to slow in traffic even as Greenberg revved the engine. In a later demo, the two disabled the car’s brakes, causing the vehicle to settle into a ditch.

This isn’t the first such demonstration. “60 Minutes” in February broadcast a report (cbsn.ws/1VMbHHi) that showed a sedan driven by CBS correspondent Leslie Stahl being wirelessly hijacked by Dan Kaufman, head of the Information Innovation Office at the Defense Advanced Research Projects Agency (DARPA).

I see all this as an early test of the Internet of Things (IoT) concept. Carmakers are not uniquely negligent in securing IoT systems—by most accounts, almost everyone is bad at it—but the risk they face is severe. As Miller and Valasek showed, a hijacked car could result in injury or death.

Carmakers are getting the message, as evidenced by Fiat Chrysler’s recall of 1.4 million UConnect-equipped cars just two days after Wired published its story. I just hope device and system makers in other industries are paying full attention.
Michael Desmond is the Editor-in-Chief of MSDN Magazine