Apparently All Cars Can Be Hacked Now: Insurance Dongle Edition

by Aaron Cole

Hackers say they may be able to control any vehicle with a telematics-enabled sensor — including a popular sensor that insurance companies use for consumers — plugged into the car’s diagnostic port, according to a Wired report (via The Verge).

In recent weeks, several hacks have surfaced — Chrysler, General Motors and Tesla — related to specific automakers. According to the report, the On-Board Diagnostic system hack could apply to any make or model fitted with an insurance or tracking dongle. The University of California San Diego researchers say they’ll present their findings at the Usenix conference Tuesday.

And, um, there’s no easy way to put this, but … it doesn’t appear that it would be all that hard to find cars with the dongles at the moment.

The story focused on a dongle provided by a Bay Area insurance provider, MetroMile, which uses the dongle to charge customers by the mile. Hackers remotely shut down a Corvette using the device by sending the dongle an SMS message that confused the device into controlling the car’s vital functions. The hackers say they could control steering, throttle and brakes using the hacks. Although the target was a Corvette, the researchers said they could apply the hack to many more cars.

From the story:

“It’s not just this car that’s vulnerable,” says UCSD researcher Karl Koscher. He points to the work of researchers Charlie Miller and Chris Valasek, who revealed and published the code for a wide array of attacks on a Toyota Prius and Ford Escape in 2013 that required only access to a vehicle’s OBD2 port. “If you put this into a Prius, there are libraries of attacks ready to use online.”

MetroMile says it wirelessly updated its devices when it became aware of the hack weeks ago.

Hackers say that the hack may apply to Progressive Casualty Insurance Company’s Snapshot device, which also uses telematics to transmit information; however, hackers didn’t provide a proof of concept for the device’s vulnerabilities earlier this year.

The Wired story offered a tidbit of terrifying information: UCSD hackers scanned the web using Shodan and found “thousands” of hackable devices — mostly in Spain. It was unclear in earlier hacking reports how vulnerable cars could be targeted without first having direct contact with the car or physical access. Now, apparently, there’s a web search for that.

In addition to insurance dongles, the hackers say similar hacks could be used for dongles placed in fleet vehicles used for tracking.



Comments
  • Signal11 on Aug 11, 2015

    This is a much more legit hack than the earlier one reported by Aaron. This attacks through a device that you, your insurance company or your rental car company installed, not one the attackers had to place themselves. A modem attached to the CAN bus network exposes the entire network, which is what happened here and with the Chrysler hack. As for those who are knee-jerk pooh-poohing this story, this is the problem of shoddy journalism. The last article was crying wolf. This attack, OTOH, is a legit threat if you've got a telemetry reporting device for whatever reason because you are now driving around with a known, exposed attack vector. Among the things that are pretty much possible on all post-mid-90s cars via CAN bus commands: deploying/deactivating air bags.

  • Thegamper on Aug 12, 2015

    I'll gladly pay extra in insurance costs to avoid the use of a "safe driving" telemetry device. I have a feeling, in my case, the associated cost in declining to have my vehicle fitted with one would be far less than the cost after the insurance company reads the telemetry data and/or dropped me from insurance.
