Threat of vehicle hacking much bigger than one model, automaker


The future of car-hacking is now.

That appears to be the lesson of the recent demonstration of hacking involving a Jeep Cherokee, which instigated the recall of about 1.4 million vehicles by Fiat Chrysler Automobiles (FCA).

Evidence suggests that drivers and shoppers are aware of the danger but don’t feel threatened yet.

“Few consumers consider vehicle hacking a major problem today, but many feel it will be a real threat in the next one to three years,” said Karl Brauer, senior analyst for Kelley Blue Book, reporting results of a KBB.com Vehicle Hacking Vulnerability Survey of 1,134 website users.

Many consumers feel car hacking will be a real threat in the near future.
Many consumers feel car hacking will be a real threat in the near future.

In fact, nearly 80 percent of those surveyed say hacking will be a frequent problem in that time frame.

In the Jeep demonstration, two hackers exploited a “zero-day” vulnerability in the vehicle’s Uconnect system to gain wireless access to its entertainment systems, controls, steering, brakes, transmission and more – from more than 10 miles away – ultimately causing the car to crash into a ditch.

But the Jeep Cherokee isn’t the only vehicle or FCA the only manufacturer susceptible to hacking.

“Nearly 100 percent of cars on the market” are vulnerable to hackers who could steal data or gain control of the vehicle, according to an earlier report by the staff of U.S. Sen. Ed Markey.

Imagine losing control of your vehicle while you’re out on the road.
Imagine losing control of your vehicle while you’re out on the road.

“We’re at a point, where, from a technology perspective, just like a PC can be attacked, so can a car,” Brett Hansen of Dell told a reporter. “What we need to think about is: What are the exploits that we need to focus upon to minimize the attack surface and thus reduce risk?”

The Jeep demonstration has served the purpose of alerting drivers and shoppers to the potential threat.

Awareness of the Jeep hacking incident is very high, with nearly three-quarters of the survey respondents indicating they had heard about it, according to KBB. About 40 percent said they would consider this recent hacking incident when buying or leasing their next car.

Although hackers targeted Jeep, other vehicles likely are just as vulnerable.
Although hackers targeted Jeep, other vehicles likely are just as vulnerable.

“Technology offers a wide range of enhanced convenience for today’s new-vehicle buyers, but it also offers the increasing potential for unauthorized success and control,” said Brauer.

“Cyber-security is still a relatively new area of specialization for automakers, but it’s one they need to take seriously to ensure they are ahead of the curve. If automotive engineers find themselves playing catch-up in this field, it could have disastrous results for both consumers and the industry.”

Meanwhile, consumers apparently “are highly skeptical that a comprehensive solution to prevent vehicle hacking can ever be developed,” said Brauer, based on survey results, “though an overwhelming majority would be willing to pay for hack-proof vehicle security if it existed.”