DOD: Connected Technologies Growing More Vulnerable To Sabotage

Cameron Aubernon
by Cameron Aubernon

As connected technologies make inroads into vehicles et al, the growing possibility of sabotage has the Department of Defense and DARPA on notice.

Per Jalopnik, CBS’ “60 Minutes” spent some time with DARPA Information Innovation Office chief Dan Kaufman to explore the vulnerabilities of connected technology coming into play not only on the road, but at home, in the office et al.

In one demonstration, Kaufman was able to break into the OnStar system aboard a previous-gen Chevrolet Impala, transplanting a code that allowed him to control everything on the car, from the wipers and the horn, to the braking and acceleration system itself.

The situation may be more dire still: a report from Sen. Ed Markey of Massachusetts’ office states all new vehicles can be hacked, and that only “two out of 16 car makers can diagnose or respond to an infiltration in real-time.”

Cameron Aubernon
Cameron Aubernon

Seattle-based writer, blogger, and photographer for many a publication. Born in Louisville. Raised in Kansas. Where I lay my head is home.

More by Cameron Aubernon

Comments
Join the conversation
8 of 36 comments
  • Psarhjinian Psarhjinian on Feb 10, 2015

    There was a similar article posted on Ars Technica yesterday. The same points apply here: * While the premise is true, you need to have the vehicle in your possession to pull off the hack. Anyone in IT knows that, if you have physical access, getting pwned is pretty much assured. * Say it again: this isn't a remote exploit. It's a local hack. I could just as easily connect to the CAN bus via your diagnostic port and wreak all sorts of havoc, or, for that matter, I could loosen your lugnuts, cut your brake lines and put nails in your tires. Now, if someone could hack into OnStar corporate and, from there, connect to your vehicle, that would be a neat trick. So would connecting to CAN via an in-car hotspot from another car. Both are quite a bit trickier than this. OEMs could do more to firewall the ECU and CAN bus from the ICE and telematics as a matter of course because, one day, someone will have the ECU connected to the internet, but this kind of vulnerability is Evil Maid territory and a non-story.

  • John R John R on Feb 10, 2015

    Whether they used an Impala or a Tesla or a Camry is immaterial. So is whether or not the said car uses some kind of connected service, OnStar is only one avenue. If your car has TPMS it is accessible.

    • See 3 previous
    • Highdesertcat Highdesertcat on Feb 10, 2015

      @psarhjinian psar, I'm not paranoid. I'm realistic. The hackers often turn out to be some teens experimenting. However, if you think there is nothing to worry about, you should live your life accordingly. I would much rather err on the s!de of caution and minimize my vulnerabilities. To each his own. Oh, I did want to correct “Most new cars today report data back to “mama” even if they don’t have an On-Star or similar system installed.” to read “Most 'connected' new cars today report data back to “mama” even if they don’t have an On-Star or similar system installed.” My mistake. I didn't proof my copy before hitting "save".

Next