DEFCON 2015: The Realities of Car Hacking

Tech Talker continues his debrief of DEFCON 2015 with a close look at how cars get hacked.

Eric Escobar
4-minute read
Episode #186

The Jeep attack is especially scary because it uses Sprint's cell network for Internet connection. This means that your car is literally a computer with an Internet connection on wheels. Attackers can access the GPS and know exactly where you are and where you are headed. They can even change the navigation system so that if you're using the onboard GPS directions they could lead you somewhere completely different.

Next there are the apps—specifically an app for the popular service OnStar. A car with OnStar also has an app that you can download, which allows for some pretty cool features, like remote unlock, remote starting of your car, remote stopping of your car, and even tracking your car with the GPS. But a security researcher found that he could intercept communications between the app and the OnStar servers, which allowed him to then essentially clone the app.

With the cloned app, he then had all of the features that a normal OnStar user would have! Can you imagine if a hacker were able to locate you in your car wherever you were? They could then lock it, unlock it, start, and stop the car. This scenario could become a reality for some as cars get smarter and are integrated more heavily with networked computer systems.

If that weren’t bad enough, there’s even a hack out there that involves garage doors and wireless keys for your car. It’s called the rolljam attack and it's pretty easy. It is a small radio device that waits for the radio signal to unlock your car, and then copies it. A hacker can reuse that code once and unlock your car or open your garage door.

So at the end of the day, how do you protect yourself from this? How do you protect yourself from having your car hacked? There really is not a good answer. The best that you can do is to keep your car’s firmware updated.

How do you protect yourself from having your car hacked? ... The best that you can do is to keep your car’s firmware updated.

This is the software for the entertainment system, Bluetooth, and any other systems in your car. Most people don’t even know that this is a thing, but if you check your auto manufacturer’s website, or the manufacturer of the system in question. If you keep listening to this podcast and following my Facebook feed, I’ll be keeping a close eye on vulnerabilities as I hear about them.

Well, that’s it for today! Be sure to check out all my earlier episodes at techtalker.quickanddirtytips.com. And if you have further questions about this podcast or want to make a suggestion for a future episode, post them on Facebook.com/QDTtechtalker.

Until next time, I’m the Tech Talker, keeping technology simple! 

Image courtesy of Shutterstock.


About the Author

Eric Escobar

Tech Talker demystifies technology and cutting edge devices so that even the most tech illiterate can understand what's going on with their computer or gadget — and what to do when something goes wrong.