General Motors hired two security researchers that hacked into a Jeep Cherokee over the internet in 2014, cutting its transmission and disabling the brakes in an experiment that still reverberates in the automotive industry.

Chris Valasek and Charlie Miller were both hired by Cruise Automation, the autonomous driving unit that GM formed in 2016.

[Charlie Miller] and [Chris Valasek] Have just released all their research including (but not limited to) how they hacked a Jeep Cherokee after the newest firmware updates which were rolled out in response to their Hacking of a Cherokee in 2015.

FCA, the Corp that owns Jeep had to recall 1.5 million Cherokee’s to deal with the 2015 hack, issuing them all a patch. However the patch wasn’t all that great it actually gave [Charlie] and [Chris] even more control of the car than they had in the first place once exploited. The papers they have released are a goldmine for anyone interesting in hacking or even just messing around with cars via the CAN bus.

We anticipate seeing an increasing number of security related releases and buzz as summer approaches. It is, after all, Network Security Theatre season.

http://illmatics.com/carhacking.html

A group of security researchers from the Chinese firm Tencent have found a series of flaws that can be exploited to remotely hack a Tesla Model S.

Security experts at the Keen Lab at Chinese firm Tencent have found a series of vulnerabilities that can be exploited by a remote attacker to hack an unmodified Tesla Model S.

The researchers demonstrated that it is possible to hack the Tesla Model S while it is parked or if it is on the move.

The most scaring part of the hack is when the car is on the move, the hackers were able to activate the brakes from 12 miles, activate the windshield wipers, fold the side view mirrors, and open the trunk.

The researchers are the first team of hackers that is able to compromise CAN Bus to remote control Tesla cars by exploiting a series of flaws.

It seems the news regarding vehicle hacking continues to get worse, especially when it comes to products from Fiat Chrysler Automobiles. Last year, a Jeep Cherokee in St. Louis, Missouri, was wirelessly hacked from Pittsburgh. Nissan had to shut down its Leaf app because of vulnerabilities. Now, a pair of hackers in Houston, Texas, stole more than 30 Jeeps over a six-month period. The two were arrested by police last Friday while attempting to steal another vehicle.

The FBI Warns That Car Hacking Is a Real Risk
http://www.wired.com/2016/03/fbi-warns-car-hacking-real-risk/

It’s been eight months since a pair of security researchers proved beyond any doubt that car hacking is more than an action movie plot device when they remotely killed the transmission of a 2014 Jeep Cherokee as I drove it down a St. Louis highway. Now the FBI has caught up with that news, and it’s warning Americans to take the risk of vehicular cybersabotage seriously.

In a public service announcement issued together with the Department of Transportation and the National Highway Traffic and Safety Administration, the FBI on Thursday released a warning to drivers about the threat of over-the-internet attacks on cars and trucks. The announcement doesn’t reveal any sign that the agencies have learned about incidents of car hacking that weren’t already public. But it cites all of last year’s car hacking research to offer a list of tips about how to keep vehicles secure from hackers and recommendations about what to do if you believe your car has been hacked—including a request to notify the FBI.

“Modern motor vehicles often include new connected vehicle technologies that aim to provide benefits such as added safety features, improved fuel economy, and greater overall convenience,” the PSA reads. “Aftermarket devices are also providing consumers with new features to monitor the status of their vehicles. However, with this increased connectivity, it is important that consumers and manufacturers maintain awareness of potential cyber security threats.”

Just a day after news spread that Nissan Leaf’s NissanConnect app could be compromised by hackers to control fan settings (potentially draining the battery) and download logs of past drives, Nissan has pulled the functionality, saying that it is “looking forward to launching updated versions of [its] apps very soon.”

Information security has been a particularly pressing concern in the auto industry, where the concept of the connected car has, at times, moved faster than the industry’s ability to keep hackers at bay. The NissanConnect hack, which allows an individual to download and manipulate settings if they have a Leaf’s VIN number, is not the most serious hack — there doesn’t appear to be any situation where it would put a moving vehicle in harm’s way — but it could effectively disable a car by draining the battery. In the worst case, hackers could also use drive logs to get a sense of when the car’s owner is at home, at work, or elsewhere.

Until the recent wave of carmakers rolling out more and more connected cars for the consumer market, cyber security was always a matter of indifference to car OEMs and Tier Ones. Now, it’s a big deal.

Fresh in everyone’s memory are several celebrated hacking incidents this past summer. These include the vulnerabilities found in Chrysler Jeeps, which resulted in Chrysler’s recall of 1.4 million vehicles, and a flaw in General Motors’ OnStar RemoteLink system, through which a hacker found a way to remotely unlock doors and start engines.

As Egil Juliussen, director research & principal analyst at IHS Automotive, pointed out in a recent presentation to the automotive industry, “Hacking research has shown that nearly all access points can be compromised.” To cope with this reality, technology suppliers are beginning to launch a number of cyber security solutions, he said. They range from hardware security to CAN (Controller Area Network) bus firewalls and ECU software monitoring.

But what the world hasn’t seen yet – and Juliussen hasn’t seen either – is a technology capable of encrypting CAN bus itself.

That’s about to change, according to Trillium, a Japan-based start-up headed by David Uze, former CEO of Freescale Japan. Uze told EE Times this week that a small team of Trillium engineers has developed what it calls SecureCAN — “a CAN bus encryption and key management system for protecting payloads less than 8bytes.”

Essential to this assertion is a claimed ability to handle data “in 8bytes,” instead of the 128-bit block the Rijndael algorithm needs for AES-based encryptions.

Essential to this assertion is a claimed ability to handle data “in 8bytes,” instead of the 128-bit block the Rijndael algorithm needs for AES-based encryptions.

Because of its ultra-light weight block cipher, Trillium’s SecureCAN can encrypt CAN (and LIN) messages in real time, claimed Uze.

So, where, exactly, did hackers find a crack in the firewall of a 2014 Jeep Cherokee? How did they infiltrate it and who’s at fault for failing to foresee the breach?

The failure apparently occurred in not one, but multiple places in the connected car’s system architecture. Blame, according to multiple automotive industry analysts, could also extend to parties beyond Fiat Chrysler Automobiles (FCA). They include Sprint — a system integrator — with whom Chrysler contracted for secure vehicle network access via the telematics control unit, and Harman Kardon, who designed an in-vehicle infotainment system.

The hackers were reportedly able to control a 2014 Jeep Cherokee’s steering, braking, high beams, turn signals, windshield wipers and fluid, and door locks, as well as reset the speedometer and tachometer, kill the engine, and disengage the transmission so the accelerator pedal failed. Most important, they did all this mischief remotely and wirelessly.

Breakdown of security vulnerability
Asked to break down the security vulnerability of the hacked car, Lanctot said: “Step one is control of braking, acceleration and steering accessible on the vehicle CAN bus.

“Step two is remote wireless connectivity to the car via cellular.

“Step three is providing for remote access to the CAN bus via the telematics control unit interface. Clearly, the FCA systems were configured in such a way as to allow for CAN bus access via the telematics control unit.”

Lanctot added, “There is nothing wrong with that as long as you provide for appropriate security.”

Lanctot, however, pointed out, “It appears that the IP address was too easily identified” by the system used by Jeep Cherokee and “the telematics control unit lacked basic software upgrading capability.”

Lanctot isn’t alone in fingering the IP address issue. Egil Juliussen, director research & principal analyst at IHS Automotive Technology, also told us that the hackers appear to have found “a simple way to get the IP address of a car.