Researchers have revealed how they were able to control a Corvette with little more than a simple SMS message.
This hasn't been a good month for the automotive industry. Our cars are no longer simply wheels, a chassis and mechanical controllers; instead, modern cars are equipped with interactive dashboards, sensors, mapping technology and even the occasional camera to cover our blind spots.
While such technical advancements have the potential to make driving safer, once you network a car, you create a channel for vulnerabilities to be exploited.
In July, researchers revealed how easily they could compromise Jeeps equipped with uConnect software, resulting in as many as 471,000 vehicles in the United States being potentially vulnerable to remote control via an IP address. Following the Jeep debacle, security researcher Samy Kamkar revealed how a $100 gadget could be used to control the functions of General Motors vehicles.
This isn't the end of connected car security problems this year. On Tuesday, researchers from the University of California demonstrated at the USENIX security conference how to tap into cellular networks in order to gain wireless access to vehicle driving functions.
A commercially available dongle is often used by corporations and insurance firms to monitor where and how a car is being driven by employees. The dongles are cheap and convenient; nevertheless, their security vulnerabilities could place these fleets and their drivers at risk.
The control unit is plugged into a vehicle's onboard diagnostic (OBD-II) port, allowing the device to monitor speed, distance and braking -- before sending this data to insurance companies.
However, these cheap devices are not exactly secure -- and these dongles have become the conduit for a simple attack which can remotely control a car.
Lead researcher Stefan Savage and his team developed a carefully crafted SMS message aimed at an OBD2 dongle plugged into the dashboard of a 2013 Corvette. As reported by Wired, the researchers were able to send commands to the car's internal network, which controls physical driving components -- turning on windshield wipers and tampering with the Corvette's braking system.
Savage told the publication:
"We acquired some of these things, reverse engineered them, and along the way found that they had a whole bunch of security deficiencies. [The dongles] provide multiple ways to remotely [..] control just about anything on the vehicle they were connected to."
In an accompanying video, the security researchers demonstrated these attacks, and said that while braking system manipulation was hampered by low-speed control functions, the SMS-based attack could be adapted for almost any other vehicle and used to take over functions such as locking, steering and transmission.
The OBD2 dongle is manufactured by French firm Mobile Devices and distributed commercially by companies including Metromile. When the team notified the firms about the flaw, a wireless patch was developed and sent to all customers who may have been affected.
Ken Westin, Security Analyst for Tripwire, told ZDNet:
"One of the trends I am seeing in automotive system vulnerabilities is that many of these systems are using networks and protocols designed for cellular and IP networks; these tools were designed to facilitate human to human interaction.
When these networks and protocols are repurposed for machine to machine communication they become vulnerable to a variety of different threat models."