DOD: Connected Technologies Growing More Vulnerable To Sabotage

Cameron Aubernon
by Cameron Aubernon
dod connected technologies growing more vulnerable to sabotage

As connected technologies make inroads into vehicles et al, the growing possibility of sabotage has the Department of Defense and DARPA on notice.

Per Jalopnik, CBS’ “60 Minutes” spent some time with DARPA Information Innovation Office chief Dan Kaufman to explore the vulnerabilities of connected technology coming into play not only on the road, but at home, in the office et al.

In one demonstration, Kaufman was able to break into the OnStar system aboard a previous-gen Chevrolet Impala, transplanting a code that allowed him to control everything on the car, from the wipers and the horn, to the braking and acceleration system itself.

The situation may be more dire still: a report from Sen. Ed Markey of Massachusetts’ office states all new vehicles can be hacked, and that only “two out of 16 car makers can diagnose or respond to an infiltration in real-time.”

Join the conversation
10 of 36 comments
  • An innocent man An innocent man on Feb 10, 2015

    Some guy from McAfee showed a few years ago that he could hack into a pacemaker, and an insulin pump. He could jolt your maker, killing you, or dump your pump, killing you.

  • Land Ark Land Ark on Feb 10, 2015

    I watched 60 Minutes on Sunday. I loved how they said they disguised the car so as not to identify the manufacturer - more so when as soon as they showed it I knew it was an Impala. My opinion after watching it was that it was a worst-case scenario puff piece. The car was provided by DARPA, so they had complete access to it prior to the taping of the segment. So I took the whole thing with a huge grain of salt. Any time I see an investigative report on tv dealing with scary car issues I figure there is a lot of chicanery going on behind the scenes. Like when ABC News did the Toyota unintended acceleration tests and made the results match their intended message. 60 Minutes stands to gain nothing by proving that the car is unbreakable. How much risk does the average person have of being a victim of this? A lot, so you better watch CBS programs and buy the prescription drugs which sponsor the shows.

  • Psarhjinian Psarhjinian on Feb 10, 2015

    There was a similar article posted on Ars Technica yesterday. The same points apply here: * While the premise is true, you need to have the vehicle in your possession to pull off the hack. Anyone in IT knows that, if you have physical access, getting pwned is pretty much assured. * Say it again: this isn't a remote exploit. It's a local hack. I could just as easily connect to the CAN bus via your diagnostic port and wreak all sorts of havoc, or, for that matter, I could loosen your lugnuts, cut your brake lines and put nails in your tires. Now, if someone could hack into OnStar corporate and, from there, connect to your vehicle, that would be a neat trick. So would connecting to CAN via an in-car hotspot from another car. Both are quite a bit trickier than this. OEMs could do more to firewall the ECU and CAN bus from the ICE and telematics as a matter of course because, one day, someone will have the ECU connected to the internet, but this kind of vulnerability is Evil Maid territory and a non-story.

  • John R John R on Feb 10, 2015

    Whether they used an Impala or a Tesla or a Camry is immaterial. So is whether or not the said car uses some kind of connected service, OnStar is only one avenue. If your car has TPMS it is accessible.

    • See 3 previous
    • Highdesertcat Highdesertcat on Feb 10, 2015

      @psarhjinian psar, I'm not paranoid. I'm realistic. The hackers often turn out to be some teens experimenting. However, if you think there is nothing to worry about, you should live your life accordingly. I would much rather err on the s!de of caution and minimize my vulnerabilities. To each his own. Oh, I did want to correct “Most new cars today report data back to “mama” even if they don’t have an On-Star or similar system installed.” to read “Most 'connected' new cars today report data back to “mama” even if they don’t have an On-Star or similar system installed.” My mistake. I didn't proof my copy before hitting "save".