CATEGORIES
home News

Security Researchers Remotely Hijack Jeep Steering, Brakes Using UCconnect Vulnerability

by Rob WilliamsTuesday, July 21, 2015, 01:30 PM EDT

One of the biggest concerns revolving around ever-improving vehicle technologies is the risk of their security being breached and an exploiter causing something bad to happen. After all, our vehicles are now kitted out with computers - they are computers - and whether we're talking about the desktop, mobile, or enterprise, we see computers get breached a lot.

Well, if you've tried to convince yourself that the computers in our vehicles are more bulletproof than those used elsewhere, you're about to have a rude awakening.

Wired Hacked Vehicle Remote
Tapping into and controlling the remote vehicle

Over at Wired, a proof-of-concept has been exhibited using a Jeep Cherokee. The writer, driving some 70 MPH in downtown St. Louis, had to battle various vehicular maladies at random. Simply reading the tale is enough to tighten up a little bit:

"Though I hadn’t touched the dashboard, the vents in the Jeep Cherokee started blasting cold air at the maximum setting, chilling the sweat on my back through the in-seat climate control system. Next the radio switched to the local hip hop station and began blaring Skee-lo at full volume. I spun the control knob left and hit the power button, to no avail. Then the windshield wipers turned on, and wiper fluid blurred the glass."

Oy. It's probably obvious that this test wasn't random; the writer was a guinea pig so that he could learn first-hand what could happen. This wasn't sanctioned by Jeep; this is security research with real working code. And that's beyond scary.

During the test, along a highway without a shoulder, the remote hackers pulled a trick that would have stressed almost anyone out: they cut the transmission. This caused the driver to be stuck in traffic, and hold up traffic, which included an impatient 18-wheeler. That's when an experiment like this ceases to be fun.

Wired Hacked Vehicle
The test vehicle after its brakes were remotely disabled

The most frightening thing about this series of attacks is that they were entirely done wirelessly. With the proper set of tools and an IP address, someone can literally overtake your vehicle and ultimately cause something a lot worse than cranking your music volume.

The hacker duo is planning to unveil some of their findings at the Black Hat conference in Las Vegas next month. There are already regulations being worked on to help improve vehicle security, but it's admittedly disappointing that this kind of exploitation is possible right now with a vehicle that's already on the market.

Maybe there's some value in sticking with an older vehicle?

Tags:  exploit, jeep, OTA, uconnect, hijack
TOP CONVERSATIONS
Your Next PC Platform?
More Results
KEEP INFORMED
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2024 David Altavilla and Hot Hardware, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment