Here's How Easily People Are Hacking Into Cars Now
There was a time, not very long ago, when a person could simply get into a car, put the key into the ignition and be on their merry way. But, that was then. And today? Today comes word that not only is car hacking a real thing, but according to The New York Times, automakers are struggling to stay ahead of hackers. With the exploitation of bugs and flaws, a vehicle falling into the wrong hands while in motion is a deadly prospect to most.
Car hacking isn't a new phenomenon. Back in 2015, Wired asked a couple of hackers to show just how easy it was for someone else to take over a vehicle. While driving 70 mph around St. Louis, Andy Greenberg from Wired had his Jeep Cherokee willingly hacked by Charlie Miller and Chris Valasek. Using a special hacking technique called "zero-day exploit," Miller and Valasek were able to commandeer the Jeep's climate control system, the in-seat climate system, and even the radio. But perhaps the most frightening part? Miller and Valasek turned off the car's transmission, while Greenberg was still in gear and driving.
"Immediately my accelerator stopped working. As I frantically pressed the pedal and watched the RPMs climb, the Jeep lost half its speed, then slowed to a crawl," Greenberg described. "This occurred just as I reached a long overpass, with no shoulder to offer an escape. The experiment had ceased to be fun."
Bounty on bugs
To deal with this issue, carmakers headed right to the source: hackers. In an effort to ensure the safety of their vehicles and the drivers, manufactures like Tesla and Fiat Chrysler hired hackers to exploit the flaws within their cars' operating systems (via USA Today). Tesla, for instance, created incentive testing competitions known as "bug bounty programs." The point of the incentive programs? To encourage third parties to scout out flaws, bugs, and security features. Launched in 2014, one Tesla bug bounty program pays up to $15,000 per flaw exploited. Meanwhile, Fiat Chrysler unveiled a similar program in 2016, paying hackers $1,500 per flaw exposed.
While car manufacturers are voluntarily looking for ways to combat hackers, the choice to do so may not be theirs to make much longer. In 2015, Senators Ed Markey and Richard Blumenthal introduced legislation aimed at stopping car hacking. Known as the SPY Car Act, the bill required federal cybersecurity standards be issued for all cars, establish uniform standards, and limit the use of driving data. With a 605% increase in car hacking from 2016 to 2019, according to Auth0, the act was expanded and improved, once in 2017 and again in 2019. As cars increasingly becoming more and more reliant on technology, the need for continued computer safety measures becomes increasingly important, as well.