The notion of hacking a car’s computer is one that has been confined to fantasy, notably appearing in US TV show Homeland, and in the James Bond film Tomorrow Never Dies. But two American security experts have successfully demonstrated they can override the driver of a car and take full control.
Charlie Miller and Chris Valasek hacked into the electronic control units (ECUs) of two popular car models – a Ford Escape and a Toyota Prius. They attached a laptop via each car’s on board diagnostics port – normally used by mechanics to detect problems – and then took control of the vehicle in question, overriding the driver. Attaching a Nintendo controller to the laptop they could start, steer, and stop the car.
Miller and Valasek undertook the experiment funded by Darpa, the Pentagon’s research facility – in the process of which several vehicles were destroyed – in order to highlight how much the modern car relies on computer systems, and how possible it is to hack into them.
"We would love for everyone to start having a discussion about this, and for manufacturers to listen and improve the security of cars," said Miller, a security engineer at Twitter.
Speaking to the BBC a Toyota spokesman said the firm did not regard the stunt as hacking: "Altered control can only be made when the device is connected. After it is disconnected the car functions normally."
A spokesman for Ford downplayed the wider implications of the stunt: "This particular attack was not performed remotely over-the-air, but as a highly aggressive direct physical manipulation of one vehicle over an elongated period of time, which would not be a risk to customers on any mass level," it said in a statement.
Both Ford and Toyota said they invest heavily in the security of their cars’ on board computer systems.
Miller and Valasek have certainly caused a stir in the HQs of two automotive giants. Here at startrescue.co.uk we just hope they have reliable breakdown cover for any future experiments.