CMDSP Blog
Jeep Hack
6/24/15
In recent news, hackers Charlie Miller and Chris Valasek showed off the new software they have been working on over the past year. What does it do? Well, it can usurp control of Jeep Cherokees on roads up to hundreds of miles away, rendering the driver helpless.
The software grants the hacker control of all functions on the dashboard, including steering, brakes, transmission, and the entertainment system. The hacker can start blasting music leaving the user unable to turn it down. The hacker can turn on the windshield wipers and squirt washer fluid reducing the driver’svisibility. This hacker can even turn off the engine forcing the user to slow down and come to a stop. The only way to stop the hackers? Turning off the car and taking out the keys.
How does this happen? In almost every new Chrysler vehicle, a Uconnect chip is installed. Uconnect is Chrysler’s new entertainment chip used to add smart phone features to their devices. Each chip can connect with Sprint cellular networks when the car is onand get internet reception enabling phone calls, internet radio, and the creation ofwireless hotspots, etc. The cellular network connection invites anyone, so inclined, to find the car’s IP address and gain access from anywhere in the country.
Chrysler has released a patch already, that should work as a deterrent on any of their cars. The only problem is that it needs to be installed manually through a usb drive. Most people who own Chrysler cars are not likely to know how to do it. Likely most vehicles will stay vulnerable because not enough people are going to understand these risks. It is important for people to become more technically minded to prevent this sort of thing.
As the IoT (internet of things) market matures, how we are interconnected grows in importance. CMDSP will continue to offer the best knowledge of inter-connectivity and follow this aspect of technology in its curriculum to inform its members.