Could hackers wirelessly steal your car?

Engineers managed to break into a 2009 sedan without so much as a coat hanger. Could the high-tech gadgetry in our cars leave them vulnerable to thieves?

Car thieves of the future: Our cars' modern electric gadgets helped a team of engineers break hack into a sedan and control its engine, locks and breaks.
(Image credit: Corbis)

Modern vehicles are equipped with everything from GPS modules to Bluetooth-enabled cellular systems. But researchers have found that the electronic gadgets that make our lives easier may also make our cars easier to steal. A team of engineers from the University of California, San Diego and the University of Washington has figured out how to break into a typical sedan by hacking into the car's internal computers. Here, a brief guide:

Is it really possible to hack a car?

Yes. Scientists first managed to do it last year, using the onboard diagnostic port which is located under the dashboard of almost all modern cars. By plugging in a laptop, they were able to kill a car's engines, lock its doors, turn off its brakes, and fake speedometer readings. Now, the same group of researchers managed to hack into a 2009 sedan without even entering the car.

Subscribe to The Week

Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.

SUBSCRIBE & SAVE
https://cdn.mos.cms.futurecdn.net/flexiimages/jacafc5zvs1692883516.jpg

Sign up for The Week's Free Newsletters

From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.

From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.

Sign up

How many computers does a modern car typically have?

A typical luxury sedan contains about 100 megabytes of code controlling between 50 and 70 tiny computers inside the car. These tend to communicate over a shared network, which is why it's so easy for hackers to take control of a car. "Once you're in, you're in," says Stefan Savage, a UCSD computer scientist who helped conduct the research.

How did they break in wirelessly?

Using the car's CD player. By adding a few lines of code to a digital music file, the researchers were able to turn a song burned onto a CD into a "Trojan horse" virus. When the CD was played on the in-car stereo, the virus accessed its computer system and gave the would-be hackers an entry point.

Wait, wouldn't a thief need to get his CD inside the car before stealing it?

In this case, yes. But researchers also found a way in by hacking the car's cellular security and assistance system — the kind of in-car computer offered by GM's OnStar service, for example. The engineers made around 130 calls to the car, and uploaded a virus by playing 14 seconds of infected audio.

This sounds like pretty high-tech stuff. Wouldn't it be way over the head of most car thieves?

It certainly would, says Savage. Petty larcenists aren't going to be hacking into your car anytime soon. "This took 10 researchers two years to accomplish," he said. "It's not something that one guy is going to do in his garage." But more-sophisticated criminal networks could make use of the technology.

How can these thieves be stopped?

Carmakers are reportedly taking these security issues "very seriously," say the researchers, but haven't said what they plan to do to make their computer systems unhackable. Luckily, says Robert McMillan at PCWorld, they have built-in security against widespread hacking, in that cars' electronic control units are never mass-produced. "Even though an attack might work on one year and model of vehicle," McMillan says, "it's unlikely to work on another."

Sources: Discover, PCWorld, Technology Review (2)

To continue reading this article...
Continue reading this article and get limited website access each month.
Get unlimited website access, exclusive newsletters plus much more.
Cancel or pause at any time.
Already a subscriber to The Week?
Not sure which email you used for your subscription? Contact us