How Hackable Is Your Car? Consult This Handy Chart
Last year, when hackers Charlie Miller and Chris Valasek showed that they could hijack the steering and brakes of a Ford Escape and a Toyota Prius with nothing but laptops connected to the cars, they raised two questions: Could hackers perform the same tricks wirelessly, or even over the Internet? And even more pressing: Is your specific car vulnerable, too?
If you own a Cadillac Escalade, a Jeep Cherokee or an Infiniti Q50, you may not like the answer.
In a talk today at the Black Hat security conference in Las Vegas — and an accompanying 92-page paper — Valasek and Miller will present the results of a broad analysis of dozens of different car makes and models, assessing the vehicles’ schematics for the signs that hint at vulnerabilities to auto-focused hackers. The result is a kind of handbook of ratings and reviews of automobiles for the potential hackability of their networked components. “For 24 different cars, we examined how a remote attack might work,” says Valasek, director of vehicle security research at the security consultancy IOActive. “It really depends on the architecture: If you hack the radio, can you send messages to the brakes or the steering? And if you can, what can you do with them?”
Miller and Valasek are quick to disclaim that their results aren’t definitive assertions about security vulnerabilities in cars and trucks so much as warnings of potential weaknesses. In contrast to their 2013 research, they didn’t do any hands-on hacking. In fact, their recent work consisted mostly of signing up for mechanics’ accounts on the websites of all the car makers, downloading the cars’ technical manuals and wiring diagrams, and analyzing the computer networks those documents revealed. “We wanted to take a step back and look at a whole range of cars in much less detail, to really see what was out there,” Valasek says.
In the researchers’ analysis, three vehicles were ranked “most hackable”: the 2014 models of the Infiniti Q50 and Jeep Cherokee and the 2015 model of the Cadillac Escalade. The full results, summarized in the chart below, show that the 2010 and 2014 Toyota Prius didn’t fare well either.
Miller and Valasek’s findings represented in a single chart. A plus sign represents “more hackable,” a minus sign “less hackable.” (Charlie Miller and Chris Valasek)
All the cars’ ratings were based on three factors: The first was the size of their wireless “attack surface” — features like Bluetooth, WiFi, cellular network connections, keyless entry systems, and even radio-readable tire pressure monitoring systems. Any of those radio connections could potentially be used by a hacker to find a security vulnerability and gain an initial foothold on a car’s network. Second, they examined the vehicles’ network architecture, meaning how much access those possible footholds offered to more critical systems such as steering and brakes. And third, Miller and Valasek assessed what they call the cars’ “cyberphysical” features: capabilities like automated braking, parking and lane assist that could transform a few spoofed digital commands into an actual out-of-control car.