Andy Greenberg

I was driving 70 mph on the edge of downtown St. Louis when the exploit began to take hold.
Though I hadn’t touched the dashboard, the vents in the Jeep Cherokee started blasting cold air at the maximum setting, chilling the sweat on my back through the in-seat climate control system. Next the radio switched to the local hip hop station and began blaring Skee-lo at full volume. I spun the control knob left and hit the power button, to no avail. Then the windshield wipers turned on, and wiper fluid blurred the glass.
As I tried to cope with all this, a picture of the two hackers performing these stunts appeared on the car’s digital display: Charlie Miller and Chris Valasek, wearing their trademark track suits. A nice touch, I thought.
The Jeep’s strange behavior wasn’t entirely unexpected. I’d come to St. Louis to be Miller and Valasek’s digital crash-test dummy, a willing subject on whom they could test the car-hacking research they’d been doing over the past year. The result of their work was a hacking technique—what the security industry calls a zero-day exploit—that can target Jeep Cherokees and give the attacker wireless control, via the Internet, to any of thousands of vehicles. Their code is an automaker’s nightmare: software that lets hackers send commands through the Jeep’s entertainment system to its dashboard functions, steering, brakes, and transmission, all from a laptop that may be across the country.

3 thoughts on “Andy Greenberg

  1. shinichi Post author

    Hackers Remotely Kill a Jeep on the Highway—With Me in It

    by Andy Greenberg

    http://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/

    I was driving 70 mph on the edge of downtown St. Louis when the exploit began to take hold.

    Though I hadn’t touched the dashboard, the vents in the Jeep Cherokee started blasting cold air at the maximum setting, chilling the sweat on my back through the in-seat climate control system. Next the radio switched to the local hip hop station and began blaring Skee-lo at full volume. I spun the control knob left and hit the power button, to no avail. Then the windshield wipers turned on, and wiper fluid blurred the glass.

    As I tried to cope with all this, a picture of the two hackers performing these stunts appeared on the car’s digital display: Charlie Miller and Chris Valasek, wearing their trademark track suits. A nice touch, I thought.

    The Jeep’s strange behavior wasn’t entirely unexpected. I’d come to St. Louis to be Miller and Valasek’s digital crash-test dummy, a willing subject on whom they could test the car-hacking research they’d been doing over the past year. The result of their work was a hacking technique—what the security industry calls a zero-day exploit—that can target Jeep Cherokees and give the attacker wireless control, via the Internet, to any of thousands of vehicles. Their code is an automaker’s nightmare: software that lets hackers send commands through the Jeep’s entertainment system to its dashboard functions, steering, brakes, and transmission, all from a laptop that may be across the country.

    To better simulate the experience of driving a vehicle while it’s being hijacked by an invisible, virtual force, Miller and Valasek refused to tell me ahead of time what kinds of attacks they planned to launch from Miller’s laptop in his house 10 miles west. Instead, they merely assured me that they wouldn’t do anything life-threatening. Then they told me to drive the Jeep onto the highway. “Remember, Andy,” Miller had said through my iPhone’s speaker just before I pulled onto the Interstate 64 on-ramp, “no matter what happens, don’t panic.”1

    Charlie Miller (left) and Chris Valasek hacking into a Jeep Cherokee from Miller's basement as I drove the SUV on a highway ten miles away.

    As the two hackers remotely toyed with the air-conditioning, radio, and windshield wipers, I mentally congratulated myself on my courage under pressure. That’s when they cut the transmission.

    Immediately my accelerator stopped working. As I frantically pressed the pedal and watched the RPMs climb, the Jeep lost half its speed, then slowed to a crawl. This occurred just as I reached a long overpass, with no shoulder to offer an escape. The experiment had ceased to be fun.

    At that point, the interstate began to slope upward, so the Jeep lost more momentum and barely crept forward. Cars lined up behind my bumper before passing me, honking. I could see an 18-wheeler approaching in my rearview mirror. I hoped its driver saw me, too, and could tell I was paralyzed on the highway.

    “You’re doomed!” Valasek shouted, but I couldn’t make out his heckling over the blast of the radio, now pumping Kanye West. The semi loomed in the mirror, bearing down on my immobilized Jeep.

    I followed Miller’s advice: I didn’t panic. I did, however, drop any semblance of bravery, grab my iPhone with a clammy fist, and beg the hackers to make it stop.

    Wireless Carjackers

    This wasn’t the first time Miller and Valasek had put me behind the wheel of a compromised car. In the summer of 2013, I drove a Ford Escape and a Toyota Prius around a South Bend, Indiana, parking lot while they sat in the backseat with their laptops, cackling as they disabled my brakes, honked the horn, jerked the seat belt, and commandeered the steering wheel. “When you lose faith that a car will do what you tell it to do,” Miller observed at the time, “it really changes your whole view of how the thing works.” Back then, however, their hacks had a comforting limitation: The attacker’s PC had been wired into the vehicles’ onboard diagnostic port, a feature that normally gives repair technicians access to information about the car’s electronically controlled systems.

    A mere two years later, that carjacking has gone wireless. Miller and Valasek plan to publish a portion of their exploit on the Internet, timed to a talk they’re giving at the Black Hat security conference in Las Vegas next month. It’s the latest in a series of revelations from the two hackers that have spooked the automotive industry and even helped to inspire legislation; WIRED has learned that senators Ed Markey and Richard Blumenthal plan to introduce an automotive security bill today to set new digital security standards for cars and trucks, first sparked when Markey took note of Miller and Valasek’s work in 2013.

    As an auto-hacking antidote, the bill couldn’t be timelier. The attack tools Miller and Valasek developed can remotely trigger more than the dashboard and transmission tricks they used against me on the highway. They demonstrated as much on the same day as my traumatic experience on I-64; After narrowly averting death by semi-trailer, I managed to roll the lame Jeep down an exit ramp, re-engaged the transmission by turning the ignition off and on, and found an empty lot where I could safely continue the experiment.

    Miller and Valasek’s full arsenal includes functions that at lower speeds fully kill the engine, abruptly engage the brakes, or disable them altogether. The most disturbing maneuver came when they cut the Jeep’s brakes, leaving me frantically pumping the pedal as the 2-ton SUV slid uncontrollably into a ditch. The researchers say they’re working on perfecting their steering control—for now they can only hijack the wheel when the Jeep is in reverse. Their hack enables surveillance too: They can track a targeted Jeep’s GPS coordinates, measure its speed, and even drop pins on a map to trace its route.

    Miller attempts to rescue the Jeep after its brakes were remotely disabled, sending it into a ditch.

    All of this is possible only because Chrysler, like practically all carmakers, is doing its best to turn the modern automobile into a smartphone. Uconnect, an Internet-connected computer feature in hundreds of thousands of Fiat Chrysler cars, SUVs, and trucks, controls the vehicle’s entertainment and navigation, enables phone calls, and even offers a Wi-Fi hot spot. And thanks to one vulnerable element, which Miller and Valasek won’t identify until their Black Hat talk, Uconnect’s cellular connection also lets anyone who knows the car’s IP address gain access from anywhere in the country. “From an attacker’s perspective, it’s a super nice vulnerability,” Miller says.

    From that entry point, Miller and Valasek’s attack pivots to an adjacent chip in the car’s head unit—the hardware for its entertainment system—silently rewriting the chip’s firmware to plant their code. That rewritten firmware is capable of sending commands through the car’s internal computer network, known as a CAN bus, to its physical components like the engine and wheels. Miller and Valasek say the attack on the entertainment system seems to work on any Chrysler vehicle with Uconnect from late 2013, all of 2014, and early 2015. They’ve only tested their full set of physical hacks, including ones targeting transmission and braking systems, on a Jeep Cherokee, though they believe that most of their attacks could be tweaked to work on any Chrysler vehicle with the vulnerable Uconnect head unit. They have yet to try remotely hacking into other makes and models of cars.

    After the researchers reveal the details of their work in Vegas, only two things will prevent their tool from enabling a wave of attacks on Jeeps around the world. First, they plan to leave out the part of the attack that rewrites the chip’s firmware; hackers following in their footsteps will have to reverse-engineer that element, a process that took Miller and Valasek months. But the code they publish will enable many of the dashboard hijinks they demonstrated on me as well as GPS tracking.

    Second, Miller and Valasek have been sharing their research with Chrysler for nearly nine months, enabling the company to quietly release a patch ahead of the Black Hat conference. On July 16, owners of vehicles with the Uconnect feature were notified of the patch in a post on Chrysler’s website that didn’t offer any details or acknowledge Miller and Valasek’s research. “[Fiat Chrysler Automobiles] has a program in place to continuously test vehicles systems to identify vulnerabilities and develop solutions,” reads a statement a Chrysler spokesperson sent to WIRED. “FCA is committed to providing customers with the latest software updates to secure vehicles against any potential vulnerability.”

    If consumers don’t realize this is an issue, they should, and they should start complaining to carmakers. This might be the kind of software bug most likely to kill someone. Charlie Miller

    Unfortunately, Chrysler’s patch must be manually implemented via a USB stick or by a dealership mechanic. (Download the update here.) That means many—if not most—of the vulnerable Jeeps will likely stay vulnerable.

    Chrysler stated in a response to questions from WIRED that it “appreciates” Miller and Valasek’s work. But the company also seemed leery of their decision to publish part of their exploit. “Under no circumstances does FCA condone or believe it’s appropriate to disclose ‘how-to information’ that would potentially encourage, or help enable hackers to gain unauthorized and unlawful access to vehicle systems,” the company’s statement reads. “We appreciate the contributions of cybersecurity advocates to augment the industry’s understanding of potential vulnerabilities. However, we caution advocates that in the pursuit of improved public safety they not, in fact, compromise public safety.”

    The two researchers say that even if their code makes it easier for malicious hackers to attack unpatched Jeeps, the release is nonetheless warranted because it allows their work to be proven through peer review. It also sends a message: Automakers need to be held accountable for their vehicles’ digital security. “If consumers don’t realize this is an issue, they should, and they should start complaining to carmakers,” Miller says. “This might be the kind of software bug most likely to kill someone.”

    In fact, Miller and Valasek aren’t the first to hack a car over the Internet. In 2011 a team of researchers from the University of Washington and the University of California at San Diego showed that they could wirelessly disable the locks and brakes on a sedan. But those academics took a more discreet approach, keeping the identity of the hacked car secret and sharing the details of the exploit only with carmakers.

    Miller and Valasek represent the second act in a good-cop/bad-cop routine. Carmakers who failed to heed polite warnings in 2011 now face the possibility of a public dump of their vehicles’ security flaws. The result could be product recalls or even civil suits, says UCSD computer science professor Stefan Savage, who worked on the 2011 study. “Imagine going up against a class-action lawyer after Anonymous decides it would be fun to brick all the Jeep Cherokees in California,” Savage says.2

    For the auto industry and its watchdogs, in other words, Miller and Valasek’s release may be the last warning before they see a full-blown zero-day attack. “The regulators and the industry can no longer count on the idea that exploit code won’t be in the wild,” Savage says. “They’ve been thinking it wasn’t an imminent danger you needed to deal with. That implicit assumption is now dead.”

    471,000 Hackable Automobiles

    Miller and Valasek's exploit uses a burner phone's cellular connection to attack the Jeep's internet-connected entertainment system.

    Sitting on a leather couch in Miller’s living room as a summer storm thunders outside, the two researchers scan the Internet for victims.

    Uconnect computers are linked to the Internet by Sprint’s cellular network, and only other Sprint devices can talk to them. So Miller has a cheap Kyocera Android phone connected to his battered MacBook. He’s using the burner phone as a Wi-Fi hot spot, scouring for targets using its thin 3G bandwidth.

    A set of GPS coordinates, along with a vehicle identification number, make, model, and IP address, appears on the laptop screen. It’s a Dodge Ram. Miller plugs its GPS coordinates into Google Maps to reveal that it’s cruising down a highway in Texarkana, Texas. He keeps scanning, and the next vehicle to appear on his screen is a Jeep Cherokee driving around a highway cloverleaf between San Diego and Anaheim, California. Then he locates a Dodge Durango, moving along a rural road somewhere in the Upper Peninsula of Michigan. When I ask him to keep scanning, he hesitates. Seeing the actual, mapped locations of these unwitting strangers’ vehicles—and knowing that each one is vulnerable to their remote attack—unsettles him.

    When Miller and Valasek first found the Uconnect flaw, they thought it might only enable attacks over a direct Wi-Fi link, confining its range to a few dozen yards. When they discovered the Uconnect’s cellular vulnerability earlier this summer, they still thought it might work only on vehicles on the same cell tower as their scanning phone, restricting the range of the attack to a few dozen miles. But they quickly found even that wasn’t the limit. “When I saw we could do it anywhere, over the Internet, I freaked out,” Valasek says. “I was frightened. It was like, holy fuck, that’s a vehicle on a highway in the middle of the country. Car hacking got real, right then.”

    That moment was the culmination of almost three years of work. In the fall of 2012, Miller, a security researcher for Twitter and a former NSA hacker, and Valasek, the director of vehicle security research at the consultancy IOActive, were inspired by the UCSD and University of Washington study to apply for a car-hacking research grant from Darpa. With the resulting $80,000, they bought a Toyota Prius and a Ford Escape. They spent the next year tearing the vehicles apart digitally and physically, mapping out their electronic control units, or ECUs—the computers that run practically every component of a modern car—and learning to speak the CAN network protocol that controls them.

    When they demonstrated a wired-in attack on those vehicles at the DefCon hacker conference in 2013, though, Toyota, Ford, and others in the automotive industry downplayed the significance of their work, pointing out that the hack had required physical access to the vehicles. Toyota, in particular, argued that its systems were “robust and secure” against wireless attacks. “We didn’t have the impact with the manufacturers that we wanted,” Miller says. To get their attention, they’d need to find a way to hack a vehicle remotely.

    Charlie Miller.

    So the next year, they signed up for mechanic’s accounts on the websites of every major automaker and downloaded dozens of vehicles’ technical manuals and wiring diagrams. Using those specs, they rated 24 cars, SUVs, and trucks on three factors they thought might determine their vulnerability to hackers: How many and what types of radios connected the vehicle’s systems to the Internet; whether the Internet-connected computers were properly isolated from critical driving systems, and whether those critical systems had “cyberphysical” components—whether digital commands could trigger physical actions like turning the wheel or activating brakes.

    Based on that study, they rated Jeep Cherokee the most hackable model. Cadillac’s Escalade and Infiniti’s Q50 didn’t fare much better; Miller and Valasek ranked them second- and third-most vulnerable. When WIRED told Infiniti that at least one of Miller and Valasek’s warnings had been borne out, the company responded in a statement that its engineers “look forward to the findings of this [new] study” and will “continue to integrate security features into our vehicles to protect against cyberattacks.” Cadillac emphasized in a written statement that the company has released a new Escalade since Miller and Valasek’s last study, but that cybersecurity is “an emerging area in which we are devoting more resources and tools,” including the recent hire of a chief product cybersecurity officer.

    After Miller and Valasek decided to focus on the Jeep Cherokee in 2014, it took them another year of hunting for hackable bugs and reverse-engineering to prove their educated guess. It wasn’t until June that Valasek issued a command from his laptop in Pittsburgh and turned on the windshield wipers of the Jeep in Miller’s St. Louis driveway.

    Since then, Miller has scanned Sprint’s network multiple times for vulnerable vehicles and recorded their vehicle identification numbers. Plugging that data into an algorithm sometimes used for tagging and tracking wild animals to estimate their population size, he estimated that there are as many as 471,000 vehicles with vulnerable Uconnect systems on the road.

    Pinpointing a vehicle belonging to a specific person isn’t easy. Miller and Valasek’s scans reveal random VINs, IP addresses, and GPS coordinates. Finding a particular victim’s vehicle out of thousands is unlikely through the slow and random probing of one Sprint-enabled phone. But enough phones scanning together, Miller says, could allow an individual to be found and targeted. Worse, he suggests, a skilled hacker could take over a group of Uconnect head units and use them to perform more scans—as with any collection of hijacked computers—worming from one dashboard to the next over Sprint’s network. The result would be a wirelessly controlled automotive botnet encompassing hundreds of thousands of vehicles.

    “For all the critics in 2013 who said our work didn’t count because we were plugged into the dashboard,” Valasek says, “well, now what?”

    Chris Valasek.

    Congress Takes on Car Hacking

    Now the auto industry needs to do the unglamorous, ongoing work of actually protecting cars from hackers. And Washington may be about to force the issue.

    Later today, senators Markey and Blumenthal intend to reveal new legislation designed to tighten cars’ protections against hackers. The bill (which a Markey spokesperson insists wasn’t timed to this story) will call on the National Highway Traffic Safety Administration and the Federal Trade Commission to set new security standards and create a privacy and security rating system for consumers. “Controlled demonstrations show how frightening it would be to have a hacker take over controls of a car,” Markey wrote in a statement to WIRED. “Drivers shouldn’t have to choose between being connected and being protected…We need clear rules of the road that protect cars from hackers and American families from data trackers.”

    Markey has keenly followed Miller and Valasek’s research for years. Citing their 2013 Darpa-funded research and hacking demo, he sent a letter to 20 automakers, asking them to answer a series of questions about their security practices. The answers, released in February, show what Markey describes as “a clear lack of appropriate security measures to protect drivers against hackers who may be able to take control of a vehicle.” Of the 16 automakers who responded, all confirmed that virtually every vehicle they sell has some sort of wireless connection, including Bluetooth, Wi-Fi, cellular service, and radios. (Markey didn’t reveal the automakers’ individual responses.) Only seven of the companies said they hired independent security firms to test their vehicles’ digital security. Only two said their vehicles had monitoring systems that checked their CAN networks for malicious digital commands.

    UCSD’s Savage says the lesson of Miller and Valasek’s research isn’t that Jeeps or any other vehicle are particularly vulnerable, but that practically any modern vehicle could be vulnerable. “I don’t think there are qualitative differences in security between vehicles today,” he says. “The Europeans are a little bit ahead. The Japanese are a little bit behind. But broadly writ, this is something everyone’s still getting their hands around.”

    Miller (left) and Valasek demonstrated the rest of their attacks on the Jeep while I drove it around an empty parking lot.

    Aside from wireless hacks used by thieves to open car doors, only one malicious car-hacking attack has been documented: In 2010 a disgruntled employee in Austin, Texas, used a remote shutdown system meant for enforcing timely car payments to brick more than 100 vehicles. But the opportunities for real-world car hacking have only grown, as automakers add wireless connections to vehicles’ internal networks. Uconnect is just one of a dozen telematics systems, including GM Onstar, Lexus Enform, Toyota Safety Connect, Hyundai Bluelink, and Infiniti Connection.

    In fact, automakers are thinking about their digital security more than ever before, says Josh Corman, the cofounder of I Am the Cavalry, a security industry organization devoted to protecting future Internet-of-things targets like automobiles and medical devices. Thanks to Markey’s letter, and another set of questions sent to automakers by the House Energy and Commerce Committee in May, Corman says, Detroit has known for months that car security regulations are coming.

    But Corman cautions that the same automakers have been more focused on competing with each other to install new Internet-connected cellular services for entertainment, navigation, and safety. (Payments for those services also provide a nice monthly revenue stream.) The result is that the companies have an incentive to add Internet-enabled features—but not to secure them from digital attacks. “They’re getting worse faster than they’re getting better,” he says. “If it takes a year to introduce a new hackable feature, then it takes them four to five years to protect it.”

    Corman’s group has been visiting auto industry events to push five recommendations: safer design to reduce attack points, third-party testing, internal monitoring systems, segmented architecture to limit the damage from any successful penetration, and the same Internet-enabled security software updates that PCs now receive. The last of those in particular is already catching on; Ford announced a switch to over-the-air updates in March, and BMW used wireless updates to patch a hackable security flaw in door locks in January.

    Corman says carmakers need to befriend hackers who expose flaws, rather than fear or antagonize them—just as companies like Microsoft have evolved from threatening hackers with lawsuits to inviting them to security conferences and paying them “bug bounties” for disclosing security vulnerabilities. For tech companies, Corman says, “that enlightenment took 15 to 20 years.” The auto industry can’t afford to take that long. “Given that my car can hurt me and my family,” he says, “I want to see that enlightenment happen in three to five years, especially since the consequences for failure are flesh and blood.”

    As I drove the Jeep back toward Miller’s house from downtown St. Louis, however, the notion of car hacking hardly seemed like a threat that will wait three to five years to emerge. In fact, it seemed more like a matter of seconds; I felt the vehicle’s vulnerability, the nagging possibility that Miller and Valasek could cut the puppet’s strings again at any time.

    The hackers holding the scissors agree. “We shut down your engine—a big rig was honking up on you because of something we did on our couch,” Miller says, as if I needed the reminder. “This is what everyone who thinks about car security has worried about for years. This is a reality.”

    Update 3:30 7/24/2015: Chrysler has issued a recall for 1.4 million vehicles as a result of Miller and Valasek’s research. The company has also blocked their wireless attack on Sprint’s network to protect vehicles with the vulnerable software.

    1Correction 10:45 7/21/2015: An earlier version of the story stated that the hacking demonstration took place on Interstate 40, when in fact it was Route 40, which coincides in St. Louis with Interstate 64.

    2Correction 1:00pm 7/27/2015: An earlier version of this story referenced a Range Rover recall due to a hackable software bug that could unlock the vehicles’ doors. While the software bug did lead to doors unlocking, it wasn’t publicly determined to exploitable by hackers.

    Reply
  2. shinichi Post author

    Here’s what makes it so easy for hackers to take over your car

    by Matthew Gault

    http://blogs.reuters.com/great-debate/2015/09/10/a-cars-real-danger-zone-its-computer-network/

    Every computer is hackable — even our cars. But the big automobile manufacturers seem to be following the Detroit tradition of fighting change rather than addressing it and helping keep people safe.

    This summer all drivers learned their cars are vulnerable to attack. Wired’s Andy Greenberg made headlines with his article about two hackers who were able to take control of his Jeep Cherokee as he was driving.

    Greenberg was working with the hackers. But he was still stunned they were able to mess with his windshield wipers, blast terrible music over his radio, jack up his air conditioning and even kill the engine as the car cruised down the highway.

    This won’t be the last time that happens. Cars are particularly vulnerable to attack because their basic computer system is far too simple.

    Most automobiles run on a relatively primitive internal computer network called the controller area network or CAN. It is the computer equivalent of a single-cell organism, uncomplicated and pedestrian. Yet this simple computer controls all complicated operations of a car, including the advanced systems that run the ignition, steering and anti-lock brakes.

    The auto industry standardized the CAN chips in 2007. Since then — with some small variations — every car’s little single-celled brain has been largely the same.

    Though car manufacturers are now adding fancy electronic upgrades such as Bluetooth access or OnStar, they merely added other CAN computers to a car to operate them. The CAN operating a car’s WiFi, for example, is separate from the CAN operating the transmission, but the two do communicate. Typically, the CAN running crucial components — like the brakes or engine — is read-only, meaning the car’s other computer systems shouldn’t be able to change or interfere with it.

    It turns out, however, that most car companies have done a terrible job of protecting the tiny brains at the heart of virtually all cars. The most dangerous car hacks succeed by hijacking the CAN controlling a car’s brakes, engines and transmission.

    Often the hackers need physical access to the electronics systems in order to break into the CAN, either through the hood or the dashboard. Increasingly, though, they are able to infiltrate it through the CAN controlling the comfort systems, such as Bluetooth or WiFi.

    The bigger problem is the behavior of the auto industry when hackers reveal these exploits to the world.

    Many hackers are tinkerers, curious computer enthusiasts who like playing with a system and puzzling out its defects. This type of hacker is labeled a white hat — a hacker for good. Most of the recent car hackers have been white hats. When white hats discover a flaw in a security system, they typically alert the owner of that security system.

    Valasek and Miller weren’t the first to hack a car. Gearheads have long hacked their cars to bypass environmental restrictions built into engines. Back in February, 60 Minutes ran a story remarkably like Greenberg’s.

    A team of computer science researchers at the University of Southern California, San Diego recently wrote a program that takes control of a car with a cell phone. The program exploits weakness in a common OBD2 dongle — often used to diagnose car trouble — that plugs into any vehicle. The researchers uploaded a simple program to the dongle via a cell phone. After that, simple text messages could start and stop the car.

    Every car manufactured after 1996 has an on-board diagnostic port. It’s typically underneath the dash and right below the steering column. OBD2 dongles plug into that port and harvest data from a car’s various computer systems. Both Uber and various insurance companies use the OBD2 dongle to monitor drivers.

    In 2012, researchers at Radboud University in the Netherlands figured out how to hack the security system of Volkswagen, Honda, Audi, Fiat and Volvo cars. The theft prevention system had been designed to prohibit cars from starting if the right key, with the right RFID chip wasn’t present. Radboud figured out how to bypass it.

    The Radboud University researchers who uncovered the flaw in the luxury car security systems contacted the manufacturers to let them know. In response, Volkswagen sought an injunction against the Radboud research in British court. Volkswagen won the suit and stopped the researchers from publishing their findings for two years.

    General Motors doesn’t want anyone tinkering with its products either. The U.S. car giant recently declared that when you buy a car from it, you’re just leasing the software the car uses to run its systems. According to General Motors, tinkering with its cars the way Miller and Valasek did with Jeep is tantamount to theft of intellectual property and a violation of copyright law.

    If the goal of the world’s auto industry is to keep its consumers safe from malicious hackers, suppressing research and suing anyone who goes under the hood is a losing strategy.

    The auto industry has long been a competitive rivalry among billion-dollar companies protecting trade secrets as if they were government secrets. But if manufacturers want to keep their cars safe from malicious hackers that must change.

    The auto industry will have to become, god help me, more like the tech industry.

    One of the oldest stories of Silicon Valley is of the basement-dwelling super hacker who gets caught, only to be hired by the entity attacked. Chris Putnam, for example, created a worm that ravaged Facebook. The social media behemoth hired Putnam after it discovered his code.

    Michael Mooney ran a similar program through Twitter and Twitter hired him. Even the Department of Homeland Security hired famed super hacker Jeff Moss. The tech industry learned early that the best way to keep safe is to buy off the people who exploit its systems. It’s a winning strategy.

    Tesla Motors, the electric car company founded by Elon Musk, knows how to deal with hackers. It offered a $10,000 bounty to anyone who finds a repeatable exploit in any of its cars.

    Meanwhile, Uber just hired the now celebrated Jeep hackers Miller and Valasek to design and improve the company’s security infrastructure. Tesla and Uber’s policies stand in stark contrast to Volkswagen, GM and others who seem content to bury their head in the sand and sue anyone who points out that the emperor has no clothes.

    If the older car companies don’t change something soon, then Washington will force them. On Aug. 24, the Federal Trade Commission won a case against Wyndham Hotels & Resorts. The FTC claimed it has the right to sue companies with poor data security on behalf of the public. The U.S. Court of Appeals for the Third Circuit agreed.

    That case may set the precedent for the FTC and the Department of Transportation going after auto manufacturers for their poor information security. Losing your credit card info to hackers while you in a hotel is terrible, but losing control of your vehicle is far worse.

    Reply
  3. shinichi Post author

    コラム:ハッキングでの車「乗っ取り」が簡単な理由

    Matthew Gault

    ロイター

    http://jp.reuters.com/article/2015/09/18/column-car-hack-idJPKCN0RI04920150918

    すべてのコンピューターはハッキングが可能だが、車も例外ではない。だが大手自動車メーカー各社は、対策を講じて人々の安全を守るよりも、変化に逆らうデトロイトの伝統に従っているようだ。

    ワイアード誌のアンディー・グリーンバーグ記者はこの夏、自分の「ジープ・チェロキー」が運転中にハッカーに乗っ取られることが可能であることを実証した実験について記事を書き、話題を呼んだ。

    実験とはいえ、勝手に車のワイパーが作動したり、ラジオからひどい音楽が大音量で流れたり、エンジンが止まったりという数々のハッカーによる仕業にグリーンバーグ氏は驚きを隠さない。

    とりわけ車がハッキングに弱いのは、基本となるコンピューターシステムが単純過ぎるからだ。

    大半の自動車は「CAN」と呼ばれる比較的原始的な車載ネットワークで動いている。CANはイグニッション(点火)やステアリング、アンチロック・ブレーキなどを制御する高度なシステムを含むあらゆる複雑な操作をコントロールする。

    自動車業界は2007年にCANを規格化した。それ以降、多少の違いはあるが、どのような車も概して同じネットワークを搭載している。

    自動車メーカー各社は現在、ブルートゥースを活用した車載テレマティクスのような無線通信を装備しているが、それらを制御するのも結局はCANである。通常、ブレーキやエンジンなど重要な部分を制御するCANは読み出し専用であり、車の他のコンピューターシステムはそれを変えることは不可能だ。

    しかし、多くのメーカーのハッキング対策はお粗末であることが判明した。最も危険なのは、ブレーキやエンジン、トランスミッションを制御するCANがハッキングされることだ。

    CANに侵入するには大抵、ダッシュボードなどから電子システムに物理的にアクセスする必要があるが、ブルートゥースやWiFi(ワイファイ)を介して侵入可能になってきている。

    南カリフォルニア大学のコンピューターサイエンスの研究者チームは最近、携帯電話で車をコントロールできるプログラムを公開した。同プログラムは、車の自己故障診断によく使われるOBD2ドングルの弱点を利用している。携帯電話からこのプログラムをドングルにアップロードすれば、テキストメッセージで車を発車させたり停止させたりできる。

    米国では1996年以降、車にOBD2ポートを搭載することが義務付けられている。ポートにドングルを接続すれば、車のさまざまなデータを得ることができ、こうした情報は米配車サービスのウーバーや自動車保険会社で利用されている。

    2012年には、オランダのラドバウド大学の研究者たちが、フォルクスワーゲン、ホンダ、アウディ、フィアット、ボルボのセキュリティーシステムをハッキングする方法を解明した。研究者たちは欠陥を知らせるべく各自動車メーカーに連絡したが、これに対しフォルクスワーゲンは英裁判所に差し止め請求を行った。同社は勝訴し、研究結果は2年間公表できなくなった。

    ゼネラル・モーターズ(GM)も自社製品を誰にもいじられたくないと考えているようだ。GMは最近、同社の車を動かすソフトウエアをめぐり、購入者はただリースしているだけだと明言した。同社によれば、冒頭のグリーンバーグ記者の記事に登場するハッカーのやり口は、知的財産の侵害や著作権法違反に等しいという。

    もし世界の自動車業界の目標が顧客を悪意あるハッカーから守ることであるなら、訴訟を起こして研究を差し止めるなど戦略としては失敗しているも同然だ。

    自動車業界は長い間、企業秘密を守りながらしのぎを削ってきた。だが、悪意あるハッカーから車を守りたいのであれば、変わらなければならない。

    そのお手本となるのがIT業界だろう。

    フェイスブックをハッキングしたクリス・パットナム氏がのちに同社に雇われたのは、もはやシリコンバレーの伝説の1つとなっている。ツイッターも同様に、ハッキングしたマイケル・ムーニー氏を雇った。IT業界は、安全を維持する最善策はシステムに侵入した人物たちを引き入れることだといち早く学んだ。そして、これこそが成功する戦略だと言える。

    自動車メーカーがすぐに変わらなくても、その流れはできていると言えるかもしれない。米連邦取引委員会(FTC)は8月24日、顧客のクレジットカード情報を流出させたホテル経営企業ウィンダムワールドワイドが十分なITセキュリティー管理をしていなかったとして同社を訴えていた裁判に勝訴した。FTCは対策不十分な企業を提訴する権利があると主張していた。

    このケースは、FTCと運輸省がセキュリティー対策が十分ではないとして自動車メーカーを取り締まる前例となるかもしれない。ホテルでカード情報が盗まれるのも最悪だが、運転する車の制御が効かないのはもっと恐ろしい。

    *筆者は、ツイッター創業者らによるブログサービス「Medium.com」の防衛担当記者。

    *本コラムは筆者の個人的見解に基づいて書かれています。

    *このドキュメントにおけるニュース、取引価格、データ及びその他の情報などのコンテンツはあくまでも利用者の個人使用のみのためにロイターのコラムニストによって提供されているものであって、商用目的のために提供されているものではありません。このドキュメントの当コンテンツは、投資活動を勧誘又は誘引するものではなく、また当コンテンツを取引又は売買を行う際の意思決定の目的で使用することは適切ではありません。当コンテンツは投資助言となる投資、税金、法律等のいかなる助言も提供せず、また、特定の金融の個別銘柄、金融投資あるいは金融商品に関するいかなる勧告もしません。このドキュメントの使用は、資格のある投資専門家の投資助言に取って代わるものではありません。ロイターはコンテンツの信頼性を確保するよう合理的な努力をしていますが、コラムニストによって提供されたいかなる見解又は意見は当該コラムニスト自身の見解や分析であって、ロイターの見解、分析ではありません。

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *