My Thoughts on Technology and Jamaica: Security Researcher hack a 2014 Jeep Cherokee - How to remotely hack an Internet Connected Vehicle as Remote Vehicle Homicide possible

Sunday, July 26, 2015

Security Researcher hack a 2014 Jeep Cherokee - How to remotely hack an Internet Connected Vehicle as Remote Vehicle Homicide possible

If you've been hiding under a rock, the secret's out: Car hacking is possible.

Security Researchers Charlie Miller, a Security Researcher at Twitter and Chris Valasek , Director of Vehice Security Research Firm IOActive are now in the limelight.

Working with Wired Magazine's Andy Greenberg, they managed to hack a Jeep Cherokee while the writer at along for the ride as reported in the article “Hackers remotely kill a Jeep on the highway - with me in it”, published 07.21.15 by Andy Greenberg, Wired.

Normally I’d write a lot of stuff at this point. But I think this time, I'll let the video do all the talkin'!

Their research has now resulted in legislation being considered by Senators Ed Markey and Richard Blumenthal to improve automotive security and set new Digital Standards for Internet  connected Cars and Trucks as reported in the article “Senate Bill seeks standards for Cars' Defenses from Hackers”, published 07.21.15 by Andy Greenberg, Wired.

The pair plans to publish their research and do the talk circuit rounds at the Black Hat Security Conference in Las Vegas in August 2015.

Andy Greenberg the Guinea Pig for Security Researchers- 2 Years worth of Research Vindicated

This is the culmination of almost two (2) years of research since, during which time Wired Magazine's Andy Greenberg was their occasional guinea pig as reported in the article “Hackers Reveal Nasty New Car Attacks--With Me Behind The Wheel (Video)”, published JUL 24, 2013 by Andy Greenberg, Forbes.

This in a bid to demonstrate to the reporter – and the Automotive Industry - that Car hacking was indeed real. Worse, you didn’t have to be physically in the vehicle; it could be done remotely over the Internet, with deadly results being possible.

From July 1, 2015

They had the clearly nervous Andy Greenberg drive a Ford Escape and a Toyota Prius around a South Bend, Indiana will they remotely controlled almost all aspects of the vehicle functionality via special software on their Laptops. But that was in a parking lot and via Wi-Fi.

But could it be done over a longer distance? After some DARPA (Defense and Research Project Agency) funding, studying vehicle schematics and even tearing down a Toyota Prius and a Ford Escape to see how its ECU (Electronic Control Unit) works, the short answer, as this video clearly shows, is yes!

Security Researcher hack a 2014 Jeep Cherokee - How to remotely control an Internet Connected Vehicle

As I said before, Car hacking is real as this video graphically demonstrated!

By August 2014 these Security Researchers gave CNN Money a long list of vehicle makes and models that were hackable as reported in my blog article entitled “Automotive Security Researchers tell CNN Money Vehicles are hackable - How Vehicle Entertainment Systems are hacked”. 

The models that were listed in that interview were:

1.      2014 Audi A8
2.      2014 Dodge Viper
3.      2014 Jeep Cherokee
4.      2014 Toyota Prius
5.      2015 Cadillac Escalade

And yes, if you check that article and the list above, the 2014 Jeep Cherokee was listed among vehicles that were hackable.

The pair deemed it to be the most hackable in the list simply because the  Engine Management i.e. Brakes, Steering, Tire Pressure Monitor and Engine and on the same Internal Vehicle Network, known as the CAN (Controller Area Network) Bus as the Entertainment System in most of the models.

The 2014 Jeep Cherokee connects via the OnStar Cellular Network, which is really a Baseband Processor for the Sprint Network, which is also connected to the  Engine Management and the Entertainment System.

It thus became the focus of their continue research into remotely hacking via the Internet, as they soon realized that there was no authentication for the remote access; almost any Fiat Chrysler vehicle using the Uconnect Software was trackable and hackable.

A hacker merely need to infect the vehicle's Entertainment System with a Trojan horse that lays in wait for instruction sent via Wi-Fi (if within range!) or via the Sprint Network, accessible via a cellphone connected to that Network.

Using a laptop, a Sprint cellphone and special software, Security Researchers Charlie Miller and Chris Valasek can then remotely control the target vehicle.

Vehicle Hacking via a Cellular Network – Vulnerability in the Baseband Processor

But this recent car hacking video demonstration by Security Researchers Charlie Miller and Chris Valasek is different. They're apparently exploiting the fact that these three (3) Systems may even be sharing the same Hard-drive and memory.

This makes it very easy for hackers to gain control of the entire System via access to one of the more vulnerable Systems, which in this case is the Baseband Processor for the Sprint Network.

What's worse, they apparently can hack the vehicles WITHOUT installing any special software via the Entertainment System. They can also scan the Sprint Network for other equally vulnerable connected vehicles that they can hack.

If so, then it implies that vehicle manufacturers have been playing fast and loose with the security of passengers in vehicles.

Fiat Chrysler recalls 14 million vehicles – Fix for Security hole in Uconnect System

Now that the video is out, on Friday July 24th 2015, Fiat Chrysler, makers of the 2014 Jeep Cherokee, has issued a voluntary recall to upgrade the Entertainment System software in some 14 million vehicles as reported in the article “Fiat Chrysler to recall 1.4 million vehicles following remote hack”, published July 24, 2015 by Lance Whitney, CNET News.  

The vehicles included in the recall are the following models that use the Uconnect Software and have the 8.4-inch touchscreens:

1.      2013-2015 MY Dodge Viper specialty vehicles
2.      2013-2015 Ram 1500, 2500 and 3500 pickups
3.      2013-2015 Ram 3500, 4500, 5500 Chassis Cabs
4.      2014-2015 Jeep Grand Cherokee and Cherokee SUVs
5.      2014-2015 Dodge Durango SUVs
6.      2015 MY Chrysler 200, Chrysler 300 and Dodge Charger sedans
7.      2015 Dodge Challenger sports coupes

Owners of any of these vehicles can go the Fiat Chrysler Uconnect software update site  and check if they’re on the recall list by typing in their VIN (Vehicle Identification Number). A visit to their local  Fiat Chrysler can get then the update via a USB Drive, which they can then use to upgrade their Uconnect software.

It is this software that the Security Researchers Charlie Miller and Chris Valasek exploited to remotely control the vehicles. Ironically, this was the same software that grants the car owner the same level of control over their vehicle, including tracking it location via GPS and was really a security and anti-theft feature.

They plan to release all but the parts of their software that gives hackers the ability to infect the CAN Bus; hacker’s will have to do their homework. But they can demonstrate the remote access to the vehicle, evidence enough that Remote Hacking  of Internet connected vehicles is possible.

Researcher heading to Black Hat Security Conference - Vehicle Hacking makes Remote Vehicle Homicide possible

Albeit their demonstration is benign at best, this vulnerability can potentially be exploited to commit Remote vehicular homicide from hundreds of miles away as reported in my blog article entitled “Mission Secure Inc and Perrone Robotics Inc say Vehicles can be hacked - Apple Carplay and @Android Auto Assassin’s Weapon of Choice in Contract Remote Vehicular Homicide”.

US security firms Mission Secure Inc (MSi) and Perrone Robotics Inc in June 2015 have pointed out that IVE (In-Vehicle Entertainment Systems), the same target identified by the Security Researchers Charlie Miller and Chris Valasek, is a potential point of attack for hackers.

The veracity of the work of Researchers Charlie Miller and Chris Valasek over the past two (2) years has been proven true. As Automakers take steps to make sure their Systems cannot be compromised, the pair will definitely be the talks of the Black Hat Security Conference in Las Vegas come August 2015!

No comments: