20.5k unique visitors in the last 3 days

Hackers Wirelessly Kill Engine of a Moving Car

Two hackers used a remote interface to an entertainment system to disable the engine of a Jeep Cherokee moving at 70mph. This illustrates the underestimated risk of the Internet of Things.

Would you want to drive a vehicle where hackers can use a remote interface to the entertainment system to change your radio station, or switch off the air conditioning, or disable the brakes, or take control of the steering, or stop the engine when you are driving at 70mph? In this incredible video, two hackers prove they can do all that to a Jeep Cherokee.

The hackers are Charlie Miller and Chris Valasek, and they want money and resources so they can see if they can find similar weaknesses in the interfaces of other cars. They deserve support and encouragement. Meanwhile car manufacturers need to raise their game, and put as much investment into researching and preventing hacking as they put into crash simulation and anti-theft devices. If not, the consequences could be devastating.

Thankfully, car manufacturer Fiat Chrysler has now recalled 1.4 million cars in order to update the uConnect system that was hacked by Miller and Valasek. Nevertheless, Miller made an excellent point when issuing this tweet soon after.

Fiat Chrysler tried to hide behind the skirts of the law whilst explaining the need for a recall, saying that hacking cars is a ‘criminal action’. That may be so, but I want any car I drive to be unhackable. I do not want to drive a car where the deterrent to any hacker who wants to kill me is that they risk punishment for hacking in addition to the punishment for my murder. Furthermore, I want guys like Miller and Valasek to be encouraged to find security and safety weaknesses that big businesses have failed to address. They should be rewarded for their efforts, not treated like criminals.

We should all treat this as a wake-up call. Our industry is far too relaxed about security surrounding the Internet of Things. Customers may enjoy having a stereo music system which can connect to the internet, but nobody would risk their life for it. Software development models usually involve a ‘reasonable’ amount of testing that leaves some bugs and flaws to be captured only after the product has been sold to a mass market. When applied to the Internet of Things, that approach is inadequate, and the consequences of failure may be far greater than corrupted data or compromised privacy.

You can learn more about Miller and Valasek, and how they hacked the Jeep Cherokee from this article at Wired.

Eric Priezkalns
Eric Priezkalnshttp://revenueprotect.com

During his career, Eric has been a Director of Risk Management for a national telco, the Chief Executive of the Risk & Assurance Group, a Chief Marketing Officer for a software business, a consultant, a public speaker and the publisher of Commsrisk since its launch in 2006. Look here for more about the history of Commsrisk and the role played by Eric.

The comms providers that Eric has worked for include Qatar Telecom, Cable & Wireless, T‑Mobile, Sky and Worldcom. In addition to his proficiency at speaking about the current scamdemic, Eric is also a qualified chartered accountant and a subject matter expert in consumer protection, enterprise risk management, fraud prevention, data integrity and billing accuracy. Eric was the lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He can be reached through the contact form on this website.

Related Articles

The Commsrisk Global Fraud Dashboard


Our Global Fraud Dashboard uses AI-powered search to collate, update and visualize data about scams and other network abuses from around the world. New charts are added each month. See it here.

Get Our Weekly Newsletter by Email