A bit of malicious code leads to near-full remote control of a Chevy Impala.
DARPA does all sorts of crazy, interesting stuff with it’s multi-million-dollar budget. From bullets that change direction to laser defense weapons on business jets, the government’s kooky, skunkworks-y research division usually lives somewhere between the crazy futuristic, and the bleeding edge.
And their latest demo is no different, even if it’s a little scary. While being profiled by 60 Minutes, DARPA’s Dan Kaufman demonstrated how a hacker can assume control of certain vehicles through cellular data connections. In other words: Kaufman hacked into a Chevy Impala through the car’s OnStar cellular service connection.
Kaufman, who runs DARPA’s Information Innovation Office, offers up some details, but keeps most of the technical details on the down-low. To start, Kaufman floods the car’s OnStar connection with traffic. During the flood, a data packet is transmitted to the vehicle’s internal computers, complete with code that allows the remote control to go through. Once the connection is established and the code is executed, many of the vehicle’s functions are under remote control — braking and acceleration included. Kaufman even turns the windshield washer fluid jets on, just for kicks.
And this demo isn’t just for kicks. Senator Ed Markey (D-MA) today published a report on how hackable new cars can be. (Full report is here.) That report, among other findings, says that “Only two automobile manufacturers were able to describe any capabilities to diagnose or meaningfully respond to an infiltration in real-time.”
The primary takeaway? So much of the computer hardware and software used in cars today is proprietary and deemed confidential by automakers, so it’s difficult to get a bead on which manufacturers are pushing forward in data security. Even Senator Market’s report doesn’t name specific manufacturers, generating just as many new questions as there are answers.