June 27, 2013 | Category: Cyber Security | Tags: , Views: 1830

Car Hacking Just Got Deathly Serious

Car Hacking thought to be the Cause of Journalist Michael Hastings’ Death

Michael Hastings DeathHacking into a computer or a computer system is a serious issue that companies and security teams have to face. In itself it is a rather scary thing, but what’s even more frightening is that now that threat has expanded to cars.

All the vehicles out there with advanced technology such as GPS, OnStar, and park-assist leave themselves vulnerable to threats of car hacking, and have sparked much discussion about the threats and ramifications of someone doing just that.

As of June 18, the talk became a lot more serious.

Journalist’s Death Being Blamed on Car Hacking

Michael Hastings was a gutsy journalist known for exposing political scandals and investigating drama surrounding public figures. He died on June 18 around 4:30 in the morning when his Mercedes C250 coupe crashed into a tree in Los Angeles, CA and caught on fire, reports the Huffington Post.

Rumor has it that the accident was due to car hacking.

While the speculated cause has not yet been proven, Richard Clarke, former U.S. National Coordinator for Security, Infrastructure Protection, and Counter-terrorism says details of the crash are what would be expected in a car hacking attack, he told the Huffington Post.

The technology that would allow someone to hack into and control a car certainly exists. According to the New York Times, researchers at the University of California, San Diego and the University of Washington proved in an experiment that someone could remotely take control of a car’s functions including brakes, locks, and engine.

The Technology Behind It

The car on which they experimented was representative of many cars on the roads today; in other words, they didn’t go buy some top-of-the-line, fancy new vehicle. They simply call it “a moderately priced sedan” without disclosing the make and model, according to the New York Times.

The researchers said that because many cars use Bluetooth and cellular technology, it’s easy for a hacker to gain access to the vehicle, track its location, and control assorted functions.

In this experiment, the researchers were able to get passed the car’s cellular security and access the electronic control unit (ECU). An ECU is part of the electrical system in a car, and is essentially the car’s brain. It controls everything from lighting up the turn signal to running cruise control to operating the CD player.

An article in the technology section of the New York Times says that most cars have around 30 to 40 different ECUs, and luxury cars can have upwards of 100.

The security company, Norton, agrees that cars are vulnerable to hacking. Researchers and scientists at various universities have proven that a hacker can disable a vehicle or cause the horn to honk uncontrollably, track a car’s movements through the tire pressure system, and even disable the brakes by getting into the on-board computer.

See our blog to learn more about the other cyber issues related to car hacking.

Car Hacking or Just an Accident?

While car hacking cannot for sure be deemed the cause of Hastings’ accident, it is not being ruled out.

His reputation for being such a relentless reporter is sparking some conspiracy theories about whether or not foul play was involved. Clarke told the Huffington Post that solving this mystery would require the very best detectives and investigators.

The issue is that determining if this was a true car hacking attack is next to impossible. The on-board computers were melted during the fire, according to the Huffington Post, and a witness said the engine was found 50 to 60 yards away from the car. But even if the on-board computers hadn’t been destroyed, Clarke said that if someone did hack Hastings’ vehicle they would probably get away with it.

This leaves us asking the question, how can we improve our technology and skills in order to tell whether future incidents such as this were the result of a car hacking or purely driver error?

Related Post

The Iranian Cyber Army is Still a Maturing Threat