The most interesting Internet-connected vehicle hacks on record

As researchers turn their attention to vehicles, we've seen everything from sending drivers into a ditch to brakes which suddenly won't work.

You would have to be a particular breed of person to tamper with the brakes or steering of a car with a helpless driver-turned-passenger inside, but the concept of car hacking is still a reality today.

Several years ago, a team of IOActive researchers demonstrated how they could compromise a connected car system in order to run a Jeep off the road.

Since then, automakers and connected vehicle service vendors have begun to take the concept of car cybersecurity seriously.

The company in question has been tracking cybersecurity practices (.PDF) in the automotive industry for a number of years.

According to the firm, automakers are now introducing security measures at the start of manufacture more often but back-end systems still have a way to catch up, with many "low-hanging fruit" vulnerabilities still in existence.

Happily, critical bugs are becoming scarce -- especially as we've seen what can happen when they are exploited.

Below, we have listed some of the most famous examples of how connected vehicles can be compromised, leading to everything from hijacking the steering wheel to changing registration numbers.

It ran me off the road

screen-shot-2018-10-20-at-15-30-54.png
Screenshot via YouTube

The true capabilities of car hacking first truly came into the public spotlight in 2015 when a Wired journalist caught a ride with IOActive researchers Charlie Miller and Chris Valasek.

At 70 mph, the ride, a Jeep Cherokee, began blasting out freezing air through the air conditioning system, the car's radio switched station on its own, the windshield wipers turned themselves on with wiper fluid spurting across the windshield, and then the car ran itself off the road.

CNET: Hyundai, Smartcar to build out Blue Link connected car services

The researchers had remotely exploited a zero-day vulnerability in the vehicle's Uconnect infotainment system, which permits drivers to connect to their cars via a mobile device, to cause such odd behavior.

While the vulnerability existed, it was estimated that as many as 471,000 vehicles could have been vulnerable to such attacks.

Your brakes belong to me


In 2016, Charlie Miller and Chris Valasek took another punt at the Jeep Cherokee. This time, however, the hackers performed a physical attack on the vehicle's CAN bus, which is used to display detailed data such as fuel consumption and the state of an engine.

After hooking up a laptop to the system, the duo was able to seize control of the car's braking system and even at 25 mph was nearly enough to tip over the car.

Break the server, drive away

In 2018, researchers Vangelis Stykas and George Lavdanis detailed a bug in a misconfigured server ran by Calamp which gave them "direct access to most of its production databases."

The misconfiguration gave the pair access to backend systems of Internet-connected vehicle management systems provided by Viper SmartStart.

It was then possible, in theory, to locate vehicles via coordinates, reset passwords, unlock side doors, disable alarms, start the engine and steal the vehicle.

TechRepublic: Black Hat 2018: Connecting cars to enhance the way we drive

Stealing a Tesla in seconds


Poor cryptographic standards in Tesla's key fobs allowed researchers from the KU Leuven University in Belgium to demonstrate the firm's vehicles could be stolen "in a matter of seconds."

Earlier this year, the team was able to compromise the key fobs, which used only 40-bit ciphers, with roughly $600 in radio and PC equipment. After eavesdropping on the key fob signals, the hackers were able to clone the key, open the target Tesla's door, and drive away.

Tesla later deployed a patch to bring key fob encryption up to an acceptable standard.

$100 to unlock any car


OnStar is a connected car system which has a number of safety systems including clicking a button to make emergency calls, as well as stolen vehicle assistance and a live map service to find points of interest while you are on the road.

However, in 2015, security researcher Samy Kamkar revealed OwnStar, a Raspberry Pi-based device which cost less than $100 to make, which compromised this system by way of a Man-in-The-Middle (MiTM) attack.

The researcher was able to use his creation to "locate, unlock and remote start any vehicle with OnStar RemoteLink." He was able to do so by exploiting issues in the service's mobile app, of which were later patched.

CAN I disable your airbag?

Last year, researchers from Trend Micro demonstrated a physical hacking technique which exploited a fundamental issue in how Controller Area Network (CAN) protocols operate -- a necessary requirement for connected vehicles.

The researchers were able to reprogram a car's infotainment system, disable airbags, tamper with locking systems, steal the vehicle, and more.

See also: How automakers are tackling connected vehicle vulnerability management | Connected cars: What happens to your data after you leave your rental car behind? | Why the connected car is one of this generation's biggest security risks

As the problem lay within networking standards, new standards have been recommended to mitigate the risk of exploit.

No navigation

In 2016, Computest researchers Daan Keuper and Thijs Alkemade revealed multiple vulnerabilities which were present in the infotainment systems of some Volkswagen and Audi vehicles. These bugs could be exploited to remotely seize control of infotainment dashboard microphones, navigation systems, and speakers.

Vehicle registration

A zero-day bug uncovered in 2016 by Vulnerability Labs affected the BMW web domain and ConnectedDrive portal, an area for owners of new, connected vehicles. The security flaw permitted attackers to tamper with the vehicle registration numbers of cars.

Previous and related coverage