WASHINGTON — Two security researchers attacked a Jeep Cherokee earlier this month to show drivers how easy it is to hack the computer system.
Andy Greenberg, a senior writer for WIRED, drove through St. Louis while Charlie Miller and Chris Valasek manipulated the air conditioner, radio and windshield wipers. The hackers cut the transmission while he was on the highway as well. Greenberg wasn’t injured.
“Our modern car is essentially a computer on wheels,” Joshua Corman, founder of cyber safety group I Am The Cavalry, tells WTOP. “As soon as you put software on something, you make it hackable, and as soon as you connect it to the outside world, you make it exposed. The Internet of things is actually becoming quite dangerous.”
Two years ago, hackers demonstrated how to hack a Toyota Prius. Some Chrysler vehicles use an Internet feature called Uconnect in its vehicles. Last week, Chrysler released a software update to improve its electronic security. That update includes a patch to prevent the attack developed by Miller and Valasek. That doesn’t mean the vehicle is entirely safe just yet.
“We’re gonna get worse before we get better,” Corman says. “Now that they’ve actually demonstrated this on an unaltered vehicle without physical access, it’s going to scare a lot of people.”
Sens. Edward J. Markey, D-Massachusetts, and Richard Blumenthal, D-Connecticut, have introduced the Security and Privacy in Your Car Act of 2015 which, if approved, would mandate that vehicle software systems be isolated and the car be safeguarded against hacking.
Listen to Corman’s full interview below.
Watch a video about the Jeep hack: