By the time you see this headline, the first question that pops into your mind is: Could a Car get a Computer Virus? Well the answer to that question is a capital YES!
In the past, car viruses were rare because one of the only ways to infect a vehicle was by a mechanic and via the computer or software he used to diagnose problems with the car.
More than 100 Texas drivers could have been excused for thinking that they had really horrendous luck or -- at least for the more superstitious among them -- that their vehicles were possessed by an evil spirit. That's because in 2010, more than 100 customers of a dealership called Texas Auto Center found their efforts to start their cars fruitless, and even worse, their car alarms blared ceaselessly, stopped only when the batteries were removed from the vehicles [source: Shaer].
What seemed to some to be a rash of coincidence and mechanical failure turned out to be the work of a disgruntled employee-turned-hacker. Omar Ramos-Lopez, who had been laid off by the Texas Auto Center, decided to exact some revenge on his former Austin, Texas employer by hacking into the company's Web-based vehicle immobilization system, typically used to disable the cars of folks who had stopped making mandatory payments [source: Shaer]. Besides creating plenty of mayhem and generating a flood of angry customer complaints, Ramos-Lopez, who was eventually arrested, highlighted some of the vulnerabilities of our increasingly computer-dependent vehicles from a skilled and motivated hacker.
Although Ramos-Lopez's attack generated a lot of attention, his hacking was fairly tame compared to the possibilities exposed by analysts at a number of different universities. Indeed, in 2010, researchers from the University of Washington and the University of California at San Diego proved that they could hack into the computer systems that control vehicles and remotely have power over everything from the brakes to the heat to the radio [source: Clayton]. Researchers from Rutgers University and the University of South Carolina also demonstrated the possibility of hijacking the wireless signals sent out by a car's tire pressure monitoring system, enabling hackers to monitor the movements of a vehicle.
Taken together, these events show that cars are increasingly vulnerable to the sort of viruses (also known as malware) introduced by hackers that routinely bedevil, frustrate and harm PC users everywhere. Obviously, this has real implications for drivers, although the researchers themselves point out that hackers have not yet victimized many people. But the ramifications are clear.
"If your car is infected, then anything that the infected computer is responsible for is infected. So, if the computer controls the windows and locks, then the virus or malicious code can control the windows and locks," says Damon Petraglia, who is director of forensic and information security services at Chartstone Consulting and has trained law enforcement officers in computer forensics. "Same goes for steering and braking."
As high-technology continues to creep into horseless carriages everywhere, there's one thing we can all count on: abuse of that technology. According to Reuters, Intel's "top hackers" are on the case though, poring over the software which powers the fanciest of automobile technology in hopes of discovering (and dashing) various bugs and exploits.
Except under the most specific of scenarios, the damaging results from an attack against an unsuspecting user's personal computer are often limited. Hackers may be able to cripple a computer, invade a user's privacy or even steal someone's identity. Causing personal injury or death though, is typically out of the question. However, with an increasing amount of technology and software proliferating modern vehicles, this could all change.
"You can definitely kill people," asserts John Bumgarner, CTO of a non-profit which calls itself the U.S. Cyber Consequences Unit.
As outlined in the following publication, Experimental Security Analysis of a Modern Automobile (pdf), researchers have already shown that a clever virus is capable of releasing or engaging brakes on a whim, even at high speeds. Such harrowing maneuvers could potentially extinguish the lives of both its occupants and others involved in the resulting accident. On certain vehicles, researchers were also able to lock and unlock doors, start and disable the engine and toggle the headlights off and on.
Ford spokesman Alan Hall assures us, "Ford is taking the threat very seriously and investing in security solutions that are built into the product from the outset". Ford has been an industry leader in adopting advanced automotive technologies.
Thus far, there have been no reported incidents of injury or death caused by automobile hacking. That's according to SAE International, a major standards committee for automotive and aerospace industries.
When asked by Reuters whether or not there had been any such reports, most manufacturers declined to comment. However, McAfee executive Bruce Snell claims that automakers are still very concerned about it. Snell admits, "I don't think people need to panic now. But the future is really scary." McAfee, which is now owned by Intel, is the division of Intel investigating automobile cyber security.
We can only hope and pray that solution arrives early enough before this viruses are being released en-masse which could endanger the lives of innocent car owners.