Car Hacking – A Never Ending Bowl Of Fun

October 1, 2015 mitch tanenbaum Leave a comment

The Automobile hacking community is having a bang-up year.

In a Wired article today, Andy Greenberg talked about two new car hacking techniques – both completely different from the ones I have talked about before.

The first one is to use the Wi-Fi network in the dealer’s waiting room to hack the diagnostic equipment in the shop. Likely auto dealerships don’t have sophisticated IT departments and that Wi-Fi could likely be on the same network as the shop.

Once you take over the shop equipment, you program it to infect every car it gets plugged into. That would likely be thousands of cars a month. Likely, most of the cars that come into the dealer’s shop are the same brand(s) as the dealer sells, and likely newer models, so that makes the hacker’s job easier.

The second attack is the reverse of this.

Given that there are only a few brands of diagnostic computers that mechanics use (such as Bosch and Snap-On), bring your car into the dealership already infected. That way you can take as much time as you need to set it up. When the mechanic plugs in his toy, your car infects the mechanic’s diagnostic tool and from there, you proceed like the hack above.

In both cases, you are using the dealership as a “typhoid Mary”. What kind of PR does that give the dealer when the news breaks at 6PM on the local TV station.

The other story is that the Virginia State Police are working with the University of Virginia, Mitre, Johns Hopkins and other to hack their police cars. These are are old (2012) Chevy Impalas and Ford Tauruses. While these (early in the program) hacks required hands on access to set up the hack, the researchers were able to totally own the cars.

The State Police thinks that buying “connected” cars would be a bad move for them – they must watch 60 Minutes.

Still, given access, relatively old, non connected cars were still hackable to the point that they were able to stop the car from even starting.

Why are they interested in this? Besides getting my award for the most forward thinking police department in the country?

First, to train their officers so that in case their car is hacked, they understand the parameters.

But more importantly, to train their forensics investigators to be able to BEGIN testing cars at accident scenes to see if they were hacked and the hacking caused the accident.

While this is VERY early stage work, I am not aware of any other police department in the country doing this.

If I was a hitman. err, excuse me, hit person. If I was a hit person and wanted to make a kill look like an accident, causing a car to drive off a cliff with my target in it and explode in a ball of flames might be pretty much undetectable by 99 and 44/100% of the crime scene investigators in the country – even if they knew what they were looking for. Likely the car’s computers would have gotten burned up in the explosion, covering up the tampering – assuming the investigators even knew what to look for (you would have to be able to look at the code that was running in the tens of computers (more in a high end car) in the car at the time to figure out if any of them had been modified. Given that the Jeep hack on 60 Minutes was done by reprogramming the radio (excuse me, on-board entertainment system), you would have to look at each and every computer to invalidate the hacking claim.

There are already some suspicious car accidents that at least some people believe fit this profile.

At least people are beginning to plan for this. It is inevitable. I don’t think the car manufacturers will spend the money needed to thwart them.

Information for this article came from Wired and Dark Reading.