Car hacking is the manipulation of the code in a car's electronic control unit (ECU) to exploit a vulnerability and gain control of other ECU units in the vehicle.
Car hack demonstrations have targeted a variety of makes and models of cars, gaining control of various systems including the entertainment center, speedometer, gas gauge, brakes, steering, air bags and accelerometer. Proof-of-concept (POC) exploits have successfully breached the systems of both driven and driverless cars.
In one demonstration, security researchers Charlie Miller and Chris Valasek wirelessly hacked a Jeep while it was driving on the highway. According to journalist Andy Greenberg, who was in the vehicle, Miller and Valasek were able to control the vehicle’s air vents and windscreen wipers, dashboard functions, transmission and brakes. They then disabled the brakes, sending the Jeep crashing into a ditch.
The researchers exploited vulnerabilities in Uconnect software, which Fiat Chrysler vehicles use to control the entertainment system and enable features such as remote locking and the ability to start the car with a smartphone app. According to Miller and Valasek, the biggest security vulnerability is the vehicles’ ability to connect with the Internet, because anyone who knows its IP address can access its computer systems.
Chrysler subsequently sent out a USB software update to more than 1.4 million vehicles.
Watch as Miller and Valasek hack Andy Greenberg's SUV on the highway: