Cybersecurity

New Jeep hack allows remote steering, acceleration

New Jeep hack allows remote steering, acceleration

Last year, two researchers set car owners and legislators into a panic when they demonstrated how to cut the engine of a Jeep on the highway from the comfort of an apartment. This year, they are demonstrating a new attack that allows them to slam on someone else’s breaks or spin their steering wheel. 

Charlie Miller and Chris Valasek presented their first hack on Fiat Chrysler cars — including the Jeep, demonstrated in a memorable viral video — at last year’s Black Hat security conference. Fiat Chrysler patched the security vulnerability. The pair have now returned with a new, similar attack that circumvents the patch.

Miller and Valasek, who study automotive security for Uber, will show how to override the system controlling things like the speedometer, steering and brakes. 

ADVERTISEMENT

The attack reportedly works like this: The duo first convinces the internal network of the car that the unit that issues commands is updating and needs to go offline. Then they inject their own commands. 

“Imagine last year, if instead of cutting the transmission on the highway, we’d turned the wheel 180 degrees. You wouldn’t be on the phone with us. You’d be dead,” Valasek told Wired. 

Sens. Ed MarkeyEdward (Ed) John MarkeyOcasio-Cortez says having Green New Deal would have helped handle COVID-19 pandemic OVERNIGHT ENERGY: Democrats push expansion of offshore wind, block offshore drilling with ocean energy bill | Poll: Two-thirds of voters support Biden climate plan | Biden plan lags Green New Deal in fighting emissions from homes Biden plan lags Green New Deal in fighting emissions from homes MORE (D-Mass.) and Richard Blumenthal (D-Conn.) and Reps. Ted Lieu (D-Calif.) and Joe WilsonAddison (Joe) Graves WilsonDemocrats raise alarm about new US human rights priorities Democrat Teresa Leger Fernandez defeats Valerie Plame in New Mexico primary Trump campaign launches new fundraising program with House Republicans MORE (R-S.C.) proposed automotive cybersecurity legislation last year.