Car manufacturers have for a long time dismissed and paid less attention to hacking of their vehicles, buses and trucks. They have been vigorously arguing that since their automobiles are fastened by very strong mechanics that are wireless, it makes it very hard for such a system to be hacked. This may be the end of their argument. There are two technological researchers who want to prove them wrong and show them that all a person needs is just a few minutes and a very tiny device. This cheap device has the function of providing a wireless access to the vehicle system and by this the vehicle can be sabotaged.
During the planned security conference which is arranged to happen in Asia, two Spanish technology researchers will unveil the device. The two are Alberto Garcia Illera and Javier Vazquez-Vidal who have arranged to unveil a small device with a total production cost of $20 and with a capacity to change a vehicles internal mechanism when connected to it. The parts that are affected by this gadget include the windows, the headlights, the brakes and the steering. The device which is as small as an iPhone needs to be fixed to the CAN (Controller Area Network), afterwards the device gets its power from the cars charging system and relays signals which jam the car. The device goes by the name CHT (CAN hack.
According to Vidal, a person only requires less than five minutes to attach it and leave. After being attached, the device can be triggered to work immediately or can stay put for even a full year and still be as good.
Vidal said that the kind of signals that can be sent from this device depend on the type and model of a vehicle. Accordingly, he said that they have tested their device on 4 models which he was unwilling to name. He added that the difference ranges from switching on the alarm, turning off the headlights, emergency braking, access to anti-locking brakes, emergency braking etc.
According to their tests on various models, the level of device access depends on each model. For some cars it was as simple as just placing the device under the car while for other cars it involved opening the hood or trunk of the car.
As per now the device operates through the use of Bluetooth. This according to them makes the range of attack to be a short distance. They were also convinced that by the time the event is held in Asia (Singapore), they would have made all the necessary upgrades to the tool so that it can be in a position to use GSM Cellular Radio in place of Bluetooth. This will enable the tool to be able to send the signals from a long distance.
According to the two, the device cannot be traced at all. This is possible due to the fact that the components that make the device are off-shelf and even if it is found the person who made it or planted it cannot be traced.
If this is true, then the works will surely add more knowledge and focus to the security of automobiles that have been networked. The security of the cars will also be paramount among the discussions in Singapore. It was just last year that two other researchers, Chris Valasek and Charlie Miller managed to show that it was very easy to use a laptop to jam a Toyota Prius and a Ford Explorer. In their demonstration, they plugged a laptop into the two vehicles dashboard port and used their laptops to make the two vehicles do very unusual tricks. Some of the tricks they pulled included disabling of the Ford Explorer braking system when in low speed; and jerking the steering of the Toyota Prius. After the demonstration, Edward Markey, a US senator had to send very detailed letters to over 20 car manufacturers in an effort to make then review and upgrade their car security. Even though the car makers were to reply to the letter by the 3rd of January, so as to confirm and give results, the senator’s office has reported that there has been no official communication by the car manufacturers concerning the latter.
In its defense, Toyota’s Safety Manager, Hanson John argued that the demonstration needed a person to have physical access to the car. And that the work of both Valasek and Miller did not prove that Toyota Prius could easily be hacked. Toyota also added that its main aim and the aim of the whole vehicle manufacturing industry was to prevent hacking the vehicle from the outside, like through the use of wireless tools.
According to Valasek and Miller, other researchers had proved earlier on that it was impossible to hack a vehicle by use of wireless technology. They pinpointed a demonstration in 2011 whereby security researchers in the University of California and the University of Washington used cellular connection, a programmed CD file inserted on a car stereo and Bluetooth to access the inside of a car. This demonstration was performed at San Diego.
The device will increase the list of the number of ways in which a car can be hacked using wireless technology. This demonstration will prove that the car manufacturers need to be very careful in their security since it is very cheap. The two researchers said that their purpose is not in any way to provide a cheap hacking device to the people so that they could use it to hack vehicles. They added that their true intention is to show that a car can be hacked using wireless connections. In that connection, they only intend to provide the physical ways of making the device but not to avail the process of sending the codes and signals from the device so as to jam the vehicle.
The two have encouraged the car maker to think outside the box and provide a security that goes past a simple wireless and physical connection. According to Garcia Illera, a car is like a small security unit and as per that moment little security system had been implemented.
