You could end up in a ditch like Andy Greenberg. Or worse.
Stop us if you’ve heard this before. Two computer engineers have successfully infiltrated the Wi-Fi connection of a Jeep Cherokee remotely, drawing intense interest from lawmakers, according to an article and video published on Tuesday by WIRED magazine.
The video—produced by WIRED reporter Andy Greenberg—shows cyber experts controlling the Jeep from a remote location, even while being driven by Greenberg. The simulated stunt is part of an ongoing project developed by hackers Charlie Miller and Chris Valasek. The engineers have been working on cyber automotive infiltration for the past two years. Their efforts have seemingly entered a new level control.
In 2013, Miller and Valasek managed something similar. Again with Greenberg behind the wheel (this time in a Ford Escape and Toyota Prius), the duo dismantled the brakes and took the reigns of the steering wheel, among other things, from the backseat of the car while using their laptops, which had been plugged into the car’s diagnostic port.
Now it appears Miller and Valasek have gone one step further, upping their capabilities to directing the vehicle from a different location via a wireless connection. They tested the technology with Greenberg as their Guinea pig. Long story short: Greenberg ended up in a ditch after Miller and Valasek killed the controls of the Jeep as Greenberg was driving on the highway.
The experiment has apparently piqued the interest of Washington legislators. According to various news outlets, including NPR and CBS News, senators Ed Markey and Richard Blumenthal have already introduced a new automotive security bill to the floor. Markey had previously taken note of Miller and Valasek’s work in 2013.
The success of Miller and Valasek’s hack is bringing up new concerns of vehicle vulnerability, and you can be sure we’ll be following up as the story picks up steam. In the meantime, you can watch Greenberg’s ditch adventure here.
UPDATE: In light if WIRED’s recent article, Chrysler has voluntarily recalled 1.4 million vehicles that may be be vulnerable to hackable software. The company issued a statement earlier today announcing the recall, stating that the company is “unaware of any injuries related to software exploitation…” The company listed several models equipped with 8.4-inch touch screens, the size with which hackers were able to infiltrate. Below is the complete list from the statement:
- 2013-2015 MY Dodge Viper specialty vehicles
- 2013-2015 Ram 1500, 2500 and 3500 pickups
- 2013-2015 Ram 3500, 4500, 5500 Chassis Cabs
- 2014-2015 Jeep Grand Cherokee and Cherokee SUVs
- 2014-2015 Dodge Durango SUVs
- 2015 MY Chrysler 200, Chrysler 300 and Dodge Charger sedans
- 2015 Dodge Challenger sports coupes