Apparently All Cars Can Be Hacked Now: Insurance Dongle Edition

by Aaron Cole

Hackers say they may be able to control any vehicle with a telematics-enabled sensor — including a popular sensor that insurance companies use for consumers — plugged into the car’s diagnostic port, according to a Wired report (via The Verge).

In recent weeks, several hacks have surfaced — Chrysler, General Motors and Tesla — related to specific automakers. According to the report, the On-Board Diagnostic system hack could apply to any make or model fitted with an insurance or tracking dongle. The University of California San Diego researchers say they’ll present their findings at the Usenix conference Tuesday.

And, um, there’s no easy way to put this, but … it doesn’t appear that it would be all that hard to find cars with the dongles at the moment.

The story focused on a dongle provided by a Bay Area insurance provider, MetroMile, which uses the dongle to charge customers by the mile. Hackers remotely shut down a Corvette using the device by sending the dongle an SMS message that confused the device into controlling the car’s vital functions. The hackers say they could control steering, throttle and brakes using the hacks. Although the target was a Corvette, the researchers said they could apply the hack to many more cars.

From the story:

“It’s not just this car that’s vulnerable,” says UCSD researcher Karl Koscher. He points to the work of researchers Charlie Miller and Chris Valasek, who revealed and published the code for a wide array of attacks on a Toyota Prius and Ford Escape in 2013 that required only access to a vehicle’s OBD2 port. “If you put this into a Prius, there are libraries of attacks ready to use online.”

MetroMile says it wirelessly updated its devices when it became aware of the hack weeks ago.

Hackers say that the hack may apply to Progressive Casualty Insurance Company’s Snapshot device, which also uses telematics to transmit information; however, hackers didn’t provide a proof of concept for the device’s vulnerabilities earlier this year.

The Wired story offered a tidbit of terrifying information: UCSD hackers scanned the web using Shodan and found “thousands” of hackable devices — mostly in Spain. It was unclear in earlier hacking reports how vulnerable cars could be targeted without first having direct contact with the car or physical access. Now, apparently, there’s a web search for that.

In addition to insurance dongles, the hackers say similar hacks could be used for dongles placed in fleet vehicles used for tracking.


Comments
  • Signal11 on Aug 11, 2015

    This is a much more legit hack than the earlier one reported by Aaron. This attacks through a device that you, your insurance company or your rental car company installed, not one the attackers had to place themselves. A modem attached to the CAN bus network exposes the entire network, which is what happened here and with the Chrysler hack. As for those who are knee-jerk pooh-poohing this story, this is the problem of shoddy journalism. The last article was crying wolf. This attack, OTOH, is a legit threat if you've got a telemetry reporting device for whatever reason because you are now driving around with a known, exposed attack vector. Among the things that are pretty much possible on all post-mid-90s cars via CAN bus commands: deploying/deactivating air bags.

  • Thegamper on Aug 12, 2015

    I'll gladly pay extra in insurance costs to avoid the use of a "safe driving" telemetry device. I have a feeling, in my case, the associated cost in declining to have my vehicle fitted with one would be far less than the cost after the insurance company reads the telemetry data and/or drops me from insurance.
