The 20 most hackable CARS revealed

Daily Mail Technology Aug - 09 - 2014 , 14:02

Security experts have warned for months that smart cars are vulnerable to hackers, and now a pair of researchers has revealed the specific vehicles that are at the greatest risk.

Chris Valasek and Charlie Miller studied the schematics for a range of cars from the 2006 Range Rover Sport to this year's BMW 3 Series.

The 2014 Jeep Cherokee and 2015 Cadillac Escalade were the most vulnerable of the cars studied, while the 2006 Ford Fusion and 2010 Range Rover Sport were listed as two of the most secure.

Mr Miller is a security engineer at Twitter, and Mr Valasek is director of Security Intelligence at IOActive.

Other cars that performed poorly in their tests were the 2010 and 2014 Toyota Prius, as well as the 2014 Infiniti Q50.

The report has been shared with the Department of Transportation and industry group, the Society of Automobile Engineers.

Each car was rated under three categories – attack surface, network architecture and cyber physical.

A car’s wireless ‘attack surface’ includes the range of features that can be hacked, including Bluetooth, Wi-Fi, mobile network connections, key fobs, and tyre pressure monitoring systems.

Other Trending Stories

Sedina Tamakloe Attionu — Former Chief Executive Officer of the Microfinance and Small Loans Centre

Apr 16, 2024

Judgment day for former MASLOC Boss, others today

Daniel Ashai Adashie (left), Head of Public Information Department of the Jehovah's Witnesses, Ghana Branch, explaining a point to visitors at the ongoing exhibition at the National Museum in Accra. Picture: Emmanuel Quaye

Apr 16, 2024

Jehovah’s Witnesses Ghana opens exhibition at National Museum

Apr 19, 2024

New train crashes

Actress Yvonne Nelson calls for protest action against erratic power supply

Apr 23, 2024

Actress Yvonne Nelson calls for protest against erratic power supply

The network architecture includes how much access these features give to a vehicle’s critical systems, such as the horn, the steering and brakes.

Cyber physical relates to capabilities such as automated braking and parking sensors that can be controlled using wireless commands.

‘Automotive security concerns have gone from the fringe to the mainstream with security researchers showing the susceptibility of the modern vehicle to local and remote attacks,’ said Mr Valasek and Mr Miller.

‘A malicious attacker leveraging a remote vulnerability could do anything from enabling a microphone for eavesdropping to turning the steering wheel to disabling the brakes.

‘Unfortunately, research has only been presented on three or four particular vehicles.

‘Each manufacturer designs their fleets differently; therefore analysis of remote threats must avoid generalities.

‘[Our research] takes a step back and examines the automotive network of a large number of different manufacturers from a security perspective.

The results were published in a 92-page report presented at the Black Hat conference in Las Vegas.

Mr Miller and Mr Valasek were the same researchers who demonstrated hacking a Toyota Prius and a Ford Escape last year.

Using a laptop wirelessly connected to the car's electronics, they were able to remotely control the brakes, the accelerator, change the speedometer, switch the headlights on and off, tighten the seatbelts and even blast the horn.

The project was funded by a grant from the U.S Defense Advanced Research Projects Agency to highlight the security risks affecting modern-day cars.

Infinity told Wired that the researchers didn’t physically hack the car, but said it is looking into the claims. This was also true for Chrysler.

MailOnline has contacted the other manufacturers mentioned for their view on the findings.