Cybersecurity has become a part of our everyday world, even for those of us whose computer knowledge doesn’t stretch beyond web surfing and social media. Everyone, it seems, knows the basic precautions against hackers: the need for antivirus protection and anti-malware software, and employing long strings of characters to create tough-to-crack passwords.
But have you ever given a thought to the cybersecurity of your car? That’s right, your car.
Unfortunately, there is nothing that you, the driver, can do to protect your car from hackers, as was shown recently when two security researchers hijacked a Chrysler Jeep Cherokee. (The driver was a writer for WIRED magazine and was expecting something to happen.) Because the researchers knew the car’s I.P. address (internet protocol address—its network address on the Internet), they could hack into the Jeep’s entertainment system and use it as a gateway to control the car’s brakes, steering, and transmission.
What did they do? They shut off the Jeep’s engine while it was traveling on a highway.
Not Your Father’s Oldsmobile
Cars these days have at least 30 microprocessors (“computer on a chip”) in them, and some have as many as 50 to 100 microprocessors, controlling everything from your entertainment systems to basic things such as antilock brakes, steering, and acceleration. These systems were first built back in the 1990s, when the Internet barely existed outside the U.S. Department of Defense, where the earliest version of it originated.
The problem is, none of the tiny computers, or microprocessors, were ever meant to be connected to anything outside the car. They’re considered “dumb” because they don’t check for authentication, which is a routine precaution built into all modern software that receives commands from outside the system. The software, or code, embedded in each chip is outdated and easily manipulated. Finally, all the microprocessors are connected to each other, with safeguards nonexistent. The last statement explains how an in-dash entertainment or navigation system, which communicates over the Internet, can be used as a gateway to access and control the car’s other systems.
Fix It? Me?
Because of the security problem, Chrysler has recalled 14 million vehicles. But, because the company can’t patch the core software flaw in all those chips, Chrysler presented owners with three options, one of which is to have a USB stick (like a thumb drive) mailed directly to them. This solution, according to many tech experts, is a terrible choice and has been characterized as a dumb move. Trying to repair your car’s microprocessors with the USB stick assumes that you will be able to execute more than a dozen complex steps involved in downloading, building, and installing the software fix.
Do you feel confident you could do such a thing?
A Blueprint for the Future
Because of this urgent problem, Senators Ed Markey and Richard Blumenthal have introduced legislation that addresses the situation. The bill in question would direct the National Highway Safety and Transportation Administration and the Federal Trade Commission to work together to create new cybersecurity standards that would be required of all U.S. automakers.
One of the security researchers who hacked the Jeep said, “If consumers don’t realize this is an issue, they should, and they should start complaining to carmakers. Cars should be secure.”
We’re Listening. How Can We Help?
The aftermath of a vehicle collision can be life-changing for the accident victims and their family, and often takes years of patience and dedication to overcome. If you believe another party was responsible for the injuries or losses you have suffered in a car crash in Maryland, Steve Heisler has the experience necessary to successfully help accident victims get their lives back on track. Contact the Law Offices of Steven H. Heisler today. We can help you obtain compensation for injuries you or your family member sustained. Call (410) 625-4878 for a free consultation, or use our online form.