When, in 2013, hackers Charlie Miller and Chris Valasek hard-wired their laptops into a Ford Escape and a Toyota Prius and assumed control of the cars’ electronic systems from the back seat while a journalist from Wired magazine drove around a car park, some of the car industry raised an eyebrow about the potential for cars to be electronically hacked.
But back then, the pair of them needed access to a diagnostic port, and – hey – who’d give that sort of access to a hacker?
So last week, while the same Wired reporter drove a Jeep around the outskirts of St Louis, the same hackers sat on a sofa 10 miles away and remotely gained control of the car’s systems. Not just a few innocuous ones, such as the wipers or stereo, but ones like the engine, brakes and transmission.
So now everyone has raised an eyebrow and is wondering what the motor industry is going to do about a potentially catastrophic security flaw.Cars are more connected and, electronically, more complex than ever.
They’ve become that way innocently enough. As wiring looms for all of a car’s features – ABS, hi-fi, lighting, engine, transmission and so on – became massively complicated, a bright spark at Bosch had the idea of sharing a common set of wiring, called a CAN bus, along which power and data info could be passed.
The CAN bus saves a lot of wiring and therefore a lot of weight and money but means a car’s electronic control units – of which a car might have dozens – are all effectively connected to each other.
None of which would have been seen as a problem in the 1990s when CAN buses started being used, because no one would have thought you could sit in your pants on a sofa and gain malicious access to it.