Two white hat hackers, Charlie Miller and Chris Valasek, will publish a 100-page white paper on attacking the critical systems of two major cars at next week's Defcon convention.
Miller and Valasek were given a grant by the U.S. government to research and uncover software vulnerabilities in the Ford Escape and Toyota Prius.
The pair will also release the software they built for hacking the cars at the convention.
Through their research (via Reuters), the pair were able to find ways to "force a Toyota Prius to brake suddenly at 80 miles an hour, jerk its steering wheel, or accelerate the engine." They can also "disable the brakes of a Ford Escape traveling at very slow speeds, so that the car keeps moving no matter how hard the driver presses the pedal." In the wrong hands, both exploits can certainly be fatal, although the white hats will not be releasing any information on how to do these attacks remotely, meaning you will have to be in the vehicle and connected directly to the car's system for the attack.
Valasek, director of security intelligence at consulting firm IOActive, is well known for finding bugs in Microsoft's software, namely Windows. Miller is well known for his hacking of Apple's iOS App Store.
While the new work may not be a worry to the auto industry, if the attacks can be performed remotely, it would be disastrous. In 2011, a group of white hats and academics found ways to infect cars using Bluetooth and wireless networks but none of their work, or even the name or make of the car they hacked, were ever released.
The pair will also release the software they built for hacking the cars at the convention.
Through their research (via Reuters), the pair were able to find ways to "force a Toyota Prius to brake suddenly at 80 miles an hour, jerk its steering wheel, or accelerate the engine." They can also "disable the brakes of a Ford Escape traveling at very slow speeds, so that the car keeps moving no matter how hard the driver presses the pedal." In the wrong hands, both exploits can certainly be fatal, although the white hats will not be releasing any information on how to do these attacks remotely, meaning you will have to be in the vehicle and connected directly to the car's system for the attack.
Valasek, director of security intelligence at consulting firm IOActive, is well known for finding bugs in Microsoft's software, namely Windows. Miller is well known for his hacking of Apple's iOS App Store.
While the new work may not be a worry to the auto industry, if the attacks can be performed remotely, it would be disastrous. In 2011, a group of white hats and academics found ways to infect cars using Bluetooth and wireless networks but none of their work, or even the name or make of the car they hacked, were ever released.
Tags:
White Hat Hacking
