The CIA Allegedly Considered Connected Cars as 'Potential Mission Areas' for Hacking

by Matt Posky

Published: March 9th, 2017

the cia allegedly considered connected cars as potential mission areas for hacking

Automakers are hurriedly trying to implement connected vehicle technology and autonomous solutions to entice consumers, though there remains an underlying phobia among the general public that isn’t without a basis in reality. Cyber security is considered essential to the evolution of self-driving cars and plays an equally important role in the vehicles of today that offer enhanced connectivity.

Since modern automobiles rely so heavily on computers, there’s a plethora of elements that hackers could target. However, these hackers don’t necessarily need to operate outside of the law.

Embedded in a WikiLeaks analysis of documents allegedly acquired from the Central Intelligence Agency is an apparent interest in hacking automobiles. The most terrifying takeaway from those files? The claim that the CIA could theoretically use the systems in modern passenger vehicles to conduct “nearly undetectable assassinations.”

The specific example given was a document citing cars using BlackBerry Ltd.’s QNX automotive software, which is used in more than 60 million vehicles.

CIA meeting notes specifically mention QNX as one of several “potential mission areas” for the agency’s Embedded Devices Branch. That branch is also alleged to have collaborated with United Kingdom’s MI5/BTSS to hack phones using Android and Apple operating systems, as well as Samsung’s Smart TVs. After being attacked with hidden malware, those devices could then be converted into listening devices or even controlled by a third party.

The notes that mention the car-based systems — dated October 23, 2014 — said that Blackberry hadn’t yet been notified of the branch’s work. The documents also do not specify if the CIA ever moved ahead with QNX as a hacking target.

However, we already know that modern vehicles can be hacked. Researches working with Wired gained digital access to a Jeep Cherokee in 2015 and managed control many of the car’s systems, including the throttle, brakes and steering. FCA then recalled 1.4 million cars and trucks, making it the first automotive recall ever prompted by hacking trepidations.

While there are over 10,000 files to sift through, Wikileaks has already alleged that the CIA developed what editor-in-chief Julian Assange considered an “arsenal” of malware to attack and control “all the systems that average people use”.

“Once the material is effectively disarmed, we will publish additional details,” Assange said.

U.S. federal agencies have launched a criminal investigation into the release of the documents.

#AutomotiveHacking #AutomotiveTechnology #AutonomousCars #CentralIntelligenceAgency #CIA #Hacking #Safety #Technology

Matt Posky

A staunch consumer advocate tracking industry trends and regulation. Before joining TTAC, Matt spent a decade working for marketing and research firms based in NYC. Clients included several of the world’s largest automakers, global tire brands, and aftermarket part suppliers. Dissatisfied with the corporate world and resentful of having to wear suits everyday, he pivoted to writing about cars. Since then, that man has become an ardent supporter of the right-to-repair movement, been interviewed on the auto industry by national radio broadcasts, driven more rental cars than anyone ever should, participated in amateur rallying events, and received the requisite minimum training as sanctioned by the SCCA. Handy with a wrench, Matt grew up surrounded by Detroit auto workers and managed to get a pizza delivery job before he was legally eligible. He later found himself driving box trucks through Manhattan, guaranteeing future sympathy for actual truckers. He continues to conduct research pertaining to the automotive sector as an independent contractor and has since moved back to his native Michigan, closer to where the cars are born. A contrarian, Matt claims to prefer understeer — stating that front and all-wheel drive vehicles cater best to his driving style.

More by Matt Posky

Comments

Join the conversation

3 of 22 comments

Eiriksmal on Mar 09, 2017

You... You used stock imagery of that terrible Google invention, Angular.js, to depict hacking? Through the powers of the internet, you can even find the pull request that added that particular section. https://github.com/angular/angular.js/pull/1958/files Much better hacker images involve Googling "hacker stock image." My favorites are the ones of masked men with tiny hammers, threatening their own laptops.

Like Reply
- Art Vandelay on Mar 09, 2017
  
  LOL... Yes, use the "Red Code" from CSI Cyber!
  
  Like
Art Vandelay on Mar 09, 2017

I have an upcoming interview with an automaker for an in-vehicle cyber defense position. I may be the one dude who looks at this as a positive!

Like Reply

Recent Comments

Zerofoo The green arguments for EVs here are interesting...lithium, cobalt and nickel mines are some of the most polluting things on this planet - even more so when they are operated in 3rd world countries.
JMII Let me know when this a real vehicle, with 3 pedals... and comes in yellow like my '89 Prelude Si. Given Honda's track record over the last two decades I am not getting my hopes up.
JMII I did them on my C7 because somehow GM managed to build LED markers that fail after only 6 years. These are brighter then OEM despite the smoke tint look.I got them here: https://www.corvettepartsandaccessories.com/products/c7-corvette-oracle-concept-sidemarker-set?variant=1401801736202
28-Cars-Later Why RHO? Were Gamma and Epsilon already taken?
28-Cars-Later "The VF 8 has struggled to break ground in the increasingly crowded EV market, as spotty reviews have highlighted deficiencies with its tech, ride quality, and driver assistance features. That said, the price isn’t terrible by current EV standards, starting at $47,200 with leases at $429 monthly." In a not so surprising turn of events, VinFast US has already gone bankrupt.