Can Your Car Be Hacked?

When you go for a drive, you ride atop a slew of computers. These computers control your engine's performance, your steering, your brake, and throttle input. Your radio, navigation, air conditioning, and instrument cluster. Your power windows, you door locks—you get the picture.

Now, chances are rare that it could happen to you. Nonetheless, comparisons to dystopian sci-fi novels notwithstanding, here is where the technology is, where it's going, and what 21st-century motorists can do to prevent it.

Last year, security experts Charlie Miller and Chris Valasek successfully controlled a car from across the Internet, 10 miles away, while it drove down a Missouri freeway. With an increasingly nervous reporter behind the wheel, they first tapped into the electrical systems—wipers started going off, the air conditioning went to full blast—before cutting the transmission at 70 miles per hour, which is right around the time when things got serious.

The vulnerabilities came from the car's infotainment system, which is linked to a cellular network: it contained security flaws that the hackers were able to exploit. The result prompted lawmakers to propose an automotive security bill, made every automaker on the planet just as nervous as said reporter, and forced the car maker to issue a recall—with a security patch that Miller and Valasek helped research, just to prevent this sort of thing from happening.

Throughout all of this research, one thing has remained clear: there has not been a single reported instance of a hacker controlling someone's vehicle without their permission. It took the pair of Miller and Valasek years to be able to hone their hacking prowess: three years of effort, working specifically with one model and one infotainment system. Any guy with a laptop and a burner phone isn't likely to replicate their scheme quickly or with much success. The team also needed specific information to access the exact car they were targeting, namely the vehicle's IP address, which isn't exactly printed on a car's windshield. Every instance of car hacking, then, has been conducted by university researchers or security experts, oftentimes working alongside carmakers to pinpoint their vulnerabilities. Rest assured they're on our side.

Oh, you'll know. Your car could shut down. Warning lights will come on sporadically, as researchers found out once they gained access via tire pressure monitoring systems. Videos from Miller and Valasek show cars accelerating to 40 miles per hour, via cruise control systems, slamming on the brakes, or disengaging the transmission—nearly every function of a car. Despite the fact that this hasn't happened yet outside of a research environment, it's easy to see the panic this possibly instills.

Miller and Valasek's research gave automakers a kick in the backside. Carmakers learned they needs to protect their infotainment systems, and keep doing so, even taking a page from the tech industry by roping in the services of hackers to help them pinpoint bugs in their systems. So far over 200 bugs have been found.

To take proper precautions, take your car to reputable dealerships only, and pay attention to technical service bulletins (the NHTSA offers handy updates) that might include updates to your infotainment system. Those plug-in USB dongles from insurance companies that track your driving style? They've been linked to myriad vulnerabilities. Likewise, the remote shutdown systems can lock a car down if the owner doesn't pay the dealership. In 2010, one disgruntled dealership ex-employee managed to shut down over 100 cars, which had been equipped with a device to do exactly that. In the end, anything has the potential to be hacked, so protect yourself.