DARPA Takes Control Of Vehicle Through Hacking Its OnStar System
In a report which aired on the February 6 edition of 60 Minutes, the Defense Departments demonstrated that it has the ability to hack into a vehicle through its OnStar system and take total control of the entire vehicle including its windshield wipers and brakes. Working with a videogame inventor, DARPA (Defense Advanced Research Projects Agency) was able to activate and dial into the OnStar system of a Chevrolet Impala, transmit data, which contained instructions, which allowed it to reprogram the vehicle’s electronic control unit and take complete control of the vehicle away from the driver.
The report released by Senator Ed Markey from Massachusetts contains some rather startling findings including:
- “Nearly 100 percent of cars on the market include wireless technologies that could pose vulnerabilities to hacking or privacy intrusions.â€
- “Most automobile manufacturers were unaware or unable to report on past hacking incidents.â€
- “Security measure to prevent remote access to vehicle electronics are inconsistent and haphazard across all automobile manufacturers, and many manufacturers did not seem to understand the questions posed by Senator Markey.â€
- “Only two automobile manufacturers were able to describe any capabilities to diagnose or meaningfully respond to an infiltration in real-time, and most say they rely on technologies that cannot be used for this purpose at all.â€
- “Automobile manufacturers collect large amounts of data on driving history and vehicle performance.â€
- “A majority of automakers offer technologies that collect and wirelessly transmit driving data history to data centers, including third-party data centers, and most do not describe effective means to secure the data.â€
- “Manufacturers use personal vehicle data in various ways, often vaguely to ‘improve customer experience’ and usually involve third parties, and retention policies – how long they store information about drivers – vary considerably among manufacturers.â€
- “Customers are often not explicitly made aware of data collection and, when they are, they often cannot opt out without disabling valuable features, such as navigation.â€
The white paper with their complete finding was released today and can be downloaded here.
Related Articles
About the Author: DrivingSales News
The DrivingSales News team is dedicated to breaking the relevant and the tough stories affecting car dealers. Have questions for DrivingSales News? Reach the team at news@drivingsales.com.
Warning: count(): Parameter must be an array or an object that implements Countable in /home/pg4b1yzvrqqo/domains/test.drivingsalesnews.com/html/wp-includes/class-wp-comment-query.php on line 399
They likewise do complimentary lemon checks, document checks, recall
checks and also problem vehicle signals.
Well it looks like DrivingSales News did it’s own hack job. The DARPA explanation of it’s hack is not possible. Any GM dealer can tell you that you can’t completely reprogram a vehicle through the Onstar system. On a 2011 Onstar can’t even download minutes onto an account while speaking to the customer. If that were possible why would GM or any other manufacturer pay dealers to bring cars to dealers for recall or service programming, they would just download it remotely and save themselves millions of dollars. The fact is the car that they showed would have had to have had it’s computer reprogrammed with a rogue program directly through the ALDL then that rogue program might have been controlled through a compromised Onstar connection. In the Senator Markey piece it says ” Before the researchers went public with their 2013
findings, they shared the results with the manufacturers
in the hopes that the companies would
address the identified vulnerabilities. But in response
to the public release of the study, both
companies reportedly noted that the researchers
directly, rather than wirelessly, accessed the vehicles’
computer systems”.
This was a sensational piece designed to scare people about things that are not even likely if possible at all. I’s a shame that a automotive publication would give it more publicity than it deserves.