infoTECH Feature

September 10, 2015

Hacking on the Move: The Threat to Cars Through Metromile

People don’t have nightmares about monsters anymore; they dream about hackers breaking into their computers, phones, and other devices and stealing private information. Now, there’s even more to worry about. Hackers can take things one step further by attacking vehicles. In a recent case, researchers from the University of California at San Diego demonstrated how simple it is for hackers to invade vehicles through their insurance dongles, and wreak havoc with the systems.

Hacking Vehicles is Simpler Than Ever

Ever since the first computer was installed in a 1975 Chevrolet, all vehicles have been run by computers. This computer monitors and regulates your car, from little things like the windshield wipers and lights to major controls like the brakes and engine. In its purest form, the computer is there so that mechanics can diagnose the problem when you bring it in.

However, technology has advanced significantly over the last 40 years, and the computer can do much more now, including link to your personal devices via Bluetooth, and in newer models, data connection. This makes it easier than ever for a hacker to get into your car, and not only access any personal information connected to that computer, but also control the car. 

Metromile Facilitates the Hacking Process

When determining how easy it would be to hack the vehicle, researchers from the UCSD looked specifically at Metromile insurance chips. Metromile is an auto insurance option that offers pay-as-you-go insurance for anyone who drives less than 10,000 miles per year. The miles driven within that timeframe are monitored by a special chip installed in the car computer.

This chip has been installed in millions of cars since its invention. It may be great for saving people money on car insurance, but with a little tinkering and a thorough understanding of code, the researchers discovered one major flaw with the chip. It’s pretty easy to hack. They discovered the ability to entirely engage or disengage a vehicle’s brakes using a single text message sent to the insurance chip.

There’s a catch to this hack, however. It only works when the car is moving at 5 miles per hour or less. This specific hack may not be terribly frightening, but the implications are clear: If these researchers can access the brakes with a simple text message, more experienced, devious hackers can use their knowledge of code to cause even bigger problems. 

Besides that, the text message gave the researchers access to the car’s internal controls. The networks used within cars aren’t private or even secure. Anyone can gain access to the controls using the vehicle IP address or phone number of the owner.

Fixing the Problem

The findings were submitted to Metromile, who reported that they would be working to repair the problem and discover any other weaknesses. The company agreed that the technology used in cars is not taken nearly as seriously as it should be.

In addition to Metromile’s efforts to solve the hacking problem, legislatures have been working on a bill that will require all cars sold within the country’s boundaries to be equipped with measures to protect against hackers. In today’s age of limitless technology, it’s dangerous to leave any form of technology unsecure and unprotected.  




Edited by Dominick Sorrentino
FOLLOW US

Subscribe to InfoTECH Spotlight eNews

InfoTECH Spotlight eNews delivers the latest news impacting technology in the IT industry each week. Sign up to receive FREE breaking news today!
FREE eNewsletter

infoTECH Whitepapers