New Jeep hack allows remote steering, acceleration

New Jeep hack allows remote steering, acceleration

Last year, two researchers set car owners and legislators into a panic when they demonstrated how to cut the engine of a Jeep on the highway from the comfort of an apartment. This year, they are demonstrating a new attack that allows them to slam on someone else’s breaks or spin their steering wheel. 

Charlie Miller and Chris Valasek presented their first hack on Fiat Chrysler cars — including the Jeep, demonstrated in a memorable viral video — at last year’s Black Hat security conference. Fiat Chrysler patched the security vulnerability. The pair have now returned with a new, similar attack that circumvents the patch.

ADVERTISEMENT

Miller and Valasek, who study automotive security for Uber, will show how to override the system controlling things like the speedometer, steering and brakes. 

The attack reportedly works like this: The duo first convinces the internal network of the car that the unit that issues commands is updating and needs to go offline. Then they inject their own commands. 

“Imagine last year, if instead of cutting the transmission on the highway, we’d turned the wheel 180 degrees. You wouldn’t be on the phone with us. You’d be dead,” Valasek told Wired. 

Sens. Ed MarkeyEd MarkeyOvernight Energy & Environment — Starting from 'scratch' on climate, spending bill Overnight Health Care — White House boosts mask availability Senate Democrats call for investigation into reported price gouging for COVID-19 tests MORE (D-Mass.) and Richard Blumenthal (D-Conn.) and Reps. Ted Lieu (D-Calif.) and Joe WilsonAddison (Joe) Graves WilsonLast living Nuremberg Trials prosecutor deserves Congressional Gold Medal Gallego leads congressional delegation to Ukraine Overnight Defense & National Security — Presented by Raytheon Technologies — Biden backtracks on Taiwan MORE (R-S.C.) proposed automotive cybersecurity legislation last year.