The CIA Allegedly Considered Connected Cars as 'Potential Mission Areas' for Hacking

Matt Posky
by Matt Posky

Automakers are hurriedly trying to implement connected vehicle technology and autonomous solutions to entice consumers, though there remains an underlying phobia among the general public that isn’t without a basis in reality. Cyber security is considered essential to the evolution of self-driving cars and plays an equally important role in the vehicles of today that offer enhanced connectivity.

Since modern automobiles rely so heavily on computers, there’s a plethora of elements that hackers could target. However, these hackers don’t necessarily need to operate outside of the law.

Embedded in a WikiLeaks analysis of documents allegedly acquired from the Central Intelligence Agency is an apparent interest in hacking automobiles. The most terrifying takeaway from those files? The claim that the CIA could theoretically use the systems in modern passenger vehicles to conduct “nearly undetectable assassinations.”

The specific example given was a document citing cars using BlackBerry Ltd.’s QNX automotive software, which is used in more than 60 million vehicles.

CIA meeting notes specifically mention QNX as one of several “potential mission areas” for the agency’s Embedded Devices Branch. That branch is also alleged to have collaborated with United Kingdom’s MI5/BTSS to hack phones using Android and Apple operating systems, as well as Samsung’s Smart TVs. After being attacked with hidden malware, those devices could then be converted into listening devices or even controlled by a third party.

The notes that mention the car-based systems — dated October 23, 2014 — said that Blackberry hadn’t yet been notified of the branch’s work. The documents also do not specify if the CIA ever moved ahead with QNX as a hacking target.

However, we already know that modern vehicles can be hacked. Researches working with Wired gained digital access to a Jeep Cherokee in 2015 and managed control many of the car’s systems, including the throttle, brakes and steering. FCA then recalled 1.4 million cars and trucks, making it the first automotive recall ever prompted by hacking trepidations.

While there are over 10,000 files to sift through, Wikileaks has already alleged that the CIA developed what editor-in-chief Julian Assange considered an “arsenal” of malware to attack and control “all the systems that average people use”.

“Once the material is effectively disarmed, we will publish additional details,” Assange said.

U.S. federal agencies have launched a criminal investigation into the release of the documents.

Matt Posky
Matt Posky

A staunch consumer advocate tracking industry trends and regulation. Before joining TTAC, Matt spent a decade working for marketing and research firms based in NYC. Clients included several of the world’s largest automakers, global tire brands, and aftermarket part suppliers. Dissatisfied with the corporate world and resentful of having to wear suits everyday, he pivoted to writing about cars. Since then, that man has become an ardent supporter of the right-to-repair movement, been interviewed on the auto industry by national radio broadcasts, driven more rental cars than anyone ever should, participated in amateur rallying events, and received the requisite minimum training as sanctioned by the SCCA. Handy with a wrench, Matt grew up surrounded by Detroit auto workers and managed to get a pizza delivery job before he was legally eligible. He later found himself driving box trucks through Manhattan, guaranteeing future sympathy for actual truckers. He continues to conduct research pertaining to the automotive sector as an independent contractor and has since moved back to his native Michigan, closer to where the cars are born. A contrarian, Matt claims to prefer understeer — stating that front and all-wheel drive vehicles cater best to his driving style.

More by Matt Posky

Comments
Join the conversation
3 of 22 comments
  • Eiriksmal Eiriksmal on Mar 09, 2017

    You... You used stock imagery of that terrible Google invention, Angular.js, to depict hacking? Through the powers of the internet, you can even find the pull request that added that particular section. https://github.com/angular/angular.js/pull/1958/files Much better hacker images involve Googling "hacker stock image." My favorites are the ones of masked men with tiny hammers, threatening their own laptops.

  • Art Vandelay Art Vandelay on Mar 09, 2017

    I have an upcoming interview with an automaker for an in-vehicle cyber defense position. I may be the one dude who looks at this as a positive!

  • 1995 SC PA is concerning, but if it spent most of its life elsewhere and was someone's baby up there and isn't rusty it seems fairly priced.
  • CanadaCraig I don't see ANY large 'cheap' cars on the market. And I'm saying there should be.
  • 1995 SC I never cared for the fins and over the top bodies on these, but man give me that interior all day. I love it
  • 1995 SC Modern 4 door sedans stink. The roofline on them is such that it wrecks both the back seat and trunk access in most models. Watch someone try to get their kid into a car seat in the back of a modern sedan. Then watch them try to get the stroller into the mail slot t of a trunk opening. I would happily trade the 2 MPG at highway speed that shape may be giving me for trunk and rear seat accessibility of the sedans before this stupidity took over. I ask you, back in the day when Sedans were king, would any of them with the compromises of modern sedans have sold well? So why do we expect them to sell today? Make them usable for the target audience again and just maybe people will buy them. Keep them just as they are and they'll keep buying crossovers which might be the point.
  • Kwik_Shift_Pro4X As much problems as I had with my '96 Chevy Impala SS.....I would love to try one again. I've seen a Dark Cherry Metallic one today and it looked great.
Next