Why? Because cars are now definitely hackable. It has been proven. By driving a Chrysler Jeep Cherokee in a ditch. Let me tell you guys: It didn’t end well for the car!
What basically happened is this: Two security researchers, Charlie Miller and Chris Valasek, were asked by WIRED writer Andy Greenberg to hack his car.
“I WAS DRIVING 70 mph on the edge of downtown St. Louis when the exploit began to take hold.
Though I hadn’t touched the dashboard, the vents in the Jeep Cherokee started blasting cold air at the maximum setting, chilling the sweat on my back through the in-seat climate control system. Next the radio switched to the local hip hop station and began blaring Skee-lo at full volume. I spun the control knob left and hit the power button, to no avail. Then the windshield wipers turned on, and wiper fluid blurred the glass,” he describes the experience.
But that was merely the beginning. After Greenberg entered the highway the two hackers cut the transmission. Yes, you’ve hear right. The results? The accelerator stopped working. The car got slower and slower. Cars were honking and driving by. But “the most disturbing maneuver came when they cut the Jeep’s brakes, leaving me frantically pumping the pedal as the 2-ton SUV slid uncontrollably into a ditch.”
Are you not sure whether to believe the tale or not? Then just take a look at his expercience yourself:
But how can something like that even happen? The issue apparently lies in a wireless service called Uconnect which connects these cars to the Sprint cellphone network. Uconnectis featured in hundreds of thousands of Fiat Chrysler cars, SUVs, and trucks. It not only controls the vehicle’s entertainment and navigation systems but also, enables phone calls, and offers a Wi-Fi hot spot! The researchers only had to find a vulnerability – which they did – to access and control the car’s system. Anyone who knows the IP address can gain access to it.
Luckily Chrysler released a patch – so make sure to apply it ASAP if you own one of the vulnerable cars. But while it fixes the described issue, how many others remain unfound, exploitable and dangerous?