Beware of Hackers Controlling Your Automobile

Beware of Hackers Controlling Your Automobile
GMC's Yukon hybrid, control software logic analyzes hundreds of inputs every 10 milliseconds, including vehicle load, engine operations, battery parameters, and the temperatures in the high-voltage electric components. Credit: GMC

( -- A team of researchers led by Professor Stefan Savage from the University of California, San Diego and Tadayoshi Kohno from the University of Washington set out to see what it would take to control an automobile’s electronic control units (ECUs); what they found out may surprise you.

The researchers focused their attacks of the automobile’s ECUs which are located all over a vehicle and control the workings of many car components. The hackers created software called ‘CarShark’ to monitor communications between the ECUs and used fake packets of data to carry out the attack.

Access to the automobile’s was done through the computer’s access port that is standard among cars and used by mechanics to diagnose car’s performance before servicing.

The researchers launched a series of attacks against the automobile’s ECUs in a moving and stationary vehicle to determine how much control they could have on the car.

The researchers stated; "We are able to forcibly and completely disengage the brakes while driving, making it difficult for the driver to stop. Conversely, we are able to forcibly activate the brakes, forcing the driver forward and causing the car to stop suddenly."

The researchers found that practically every system in the car, such as brakes, light, engine, cooling, instrument panel, radio, and door locks, were vulnerable to attack.

The conclusion the team came to is that the vehicle’s software was “fragile” and easy to sabotage. In some cases simply sending imperfect packets of data, rather than specific control code, was enough for triggering a response from the vehicle.

Hacking into an automobile’s computer system is nothing new and has been happening since car computers systems have appeared. Typically hacking into a vehicle’s wireless key system or a ’s ECUs to boost has been happening for years.

As technology advances in automobiles, the risk grows greater that hackers will one day develop a means of getting into a vehicle’s control system remotely that will cause serious safety concerns.

Explore further

Automobile control research opens door to new safety features (w/ Video)

More information: Experimental Security Analysis of a Modern Automobile

© 2010

Citation: Beware of Hackers Controlling Your Automobile (2010, May 18) retrieved 16 September 2019 from
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only.

Feedback to editors

User comments

May 18, 2010
"...what they found out may surprise you."

Really? It should surprise me that hackers with unfettered access to a car's computer modules should be able to screw up the car's operation? I could do worse with a bucket of sand and a pound of sugar.

If this article argues for anything, it's better locks. Meanwhile, don't create a traffic system that depends on centralized radio control. Now, if a hacker could generate bogus GPS signals, that would cause some serious havoc...

May 18, 2010

May 18, 2010
I think what is supposed to be shocking is the unprecedented level of control the computer systems have over the vehicle combined with their ease of access.

Sure you could compromise the control system on say first gen ABS cars. But you'd probably need a jack and some wrenches. This is something a passenger could potentially even connect, and with wireless broadband etc., the enabling factors are now there for a real "remote control car" scenario.

May 18, 2010
haha, I'm not surprise at all.. this has been possible for years.

May 18, 2010
Hmmm. An alternative to cutting the brake tubes in your rich wife's car? Set to activate the next time she's on her way to the in-laws.

May 18, 2010
Difference here is that cutting tubes or using some sugar (you can use quite a bit less than a pound to wreck havoc :-)) will leave some sort of trace that tampering has occurred. Plus you need physical access to the car.

This sort of tampering could be performed remotely and it is possible for the saboteur to cover his/her tracks - leaving the liability to the driver.

May 18, 2010
I'll be worried when they do it wireless. If they had access to your computer, they could have just cut the breaks.

May 18, 2010
I know of a simpler way to sabotage brakes on a car. It's called cutting the brake line by reaching your hand around the wheel.

May 18, 2010
Now the enemies of the state or corporations will have a much better chance of driving off a cliff with no brakes at full throttle...

May 18, 2010
Gee, I wonder if it could make a car accelerate out of control? :)

May 19, 2010
I wonder if it is typical to look for this type of tamper in routine accident forensics?

May 19, 2010
Will Symantec release an automotive antivirus? What will be the mileage hit if installed?

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more