GM Authority

Researchers Control Corvette Windshield Wipers, Brakes By Hacking Third Party OBD2 Gadget

At the USENIX Security conference yesterday, a group of researchers from the University of California, San Diego demonstrated a technique to wirelessly hack into vehicles equipped with a tiny, internet-connected and commercially available device called an OBD2 dongle. The researchers demonstrated their hack on a sixth-generation Chevy Corvette and were able to control some of its features.

The hacked device in question is a 2-inch square gadget built by France-based Mobile Devices. It was designed to plug into a vehicle’s OBD2 port. Today, OBD dongles are primarily used by insurance companies as well as fleet management firms and software to monitor the location, speed, and efficiency of vehicles as well as other driving habits and characteristics. Usually located somewhere in the driver’s-side footwell, the universal OBD2 port provides access to the vehicle’s CAN bus. The CAN bus is a vehicle’s internal network, analogous to a central nervous system, and it grants access to various vehicle components. Note that vehicles are not equipped with the OBD dongles in question at the factory; instead, the driver must install one manually.

An OBD2 dongle from Mobile Devices


“We acquired some of these things, reverse engineered them, and along the way found that they had a whole bunch of security deficiencies,” says Stefan Savage, the University of California at San Diego computer security professor who led the project. The result, he says, is that the dongles “provide multiple ways to remotely…control just about anything on the vehicle they were connected to.”

Sending specially formatted SMS messages to one of the cheap OBD2 dongles connected to the 2013 Corvette C6 allowed the researchers to transmit commands to the car’s CAN bus; the researchers were able to turn on the Corvette’s windshield wipers and disable its brakes. Though they used an OBD2 dongle from Mobile Devices, they said that they could also have modified their hack to work across a wide variety of other OBD2 devices.

In the video below, researchers demonstrate their proof-of-concept attacks on the Corvette. We should note that the researchers could only control the Corvette’s brakes at low speeds due to limitations of the car’s automated system functions. However, they did say that the hack could have easily been adapted for practically any modern vehicle and that they could have also controlled other critical vehicle components like locks, steering or transmission.

And therein lies the crux of the matter: hackers didn’t hack a Corvette. Instead, they hacked a third-party, internet-enabled OBD2 dongle that, as we have already mentioned, drivers must plug into the OBD2 port of their vehicle.

The GM Authority staff is comprised of columnists, interns, and other reporters who provide coverage of the latest General Motors news.


Comments

  1. This is just dumb. Of course if you have physical access to the car's interior diagnostics port you can control the car's computers. This is no different than my tuning software that lets me do various things like shut off the fuel pump, but with a wireless transmitter.

    These guys accomplished / demonstrated next to nothing. Make this work without installing a wireless transmitter on the diagnostics port – like they did with the Jeeps and you have a REAL security issue.

  2. The article is a tad vague on the most critical information needed by the consumer — is this dongle in our cars OR not? I know the article eventually answers that question, but a casual reader might get confused. Language like this —

    “a group of researchers from the University of California of San Diego demonstrated a technique to wirelessly hack into thousands of vehicles -”

    — is misleading. It’s not a way to hack into thousands of cars. But any car which has this aftermarket dongle added, which could number into the thousands.

    1. John, thank you for your feedback. We have addressed your concerns in an update to our article here on GM Authority.

      Perhaps you should also direct the same kind of feedback to the likes of the WSJ, NYT, and Wired, as each of those is also unclear on the matter.

  3. I agree with what Mike said. You would have to buy one of these dongles (Amazon has them as cheap as $5) and physically get into the car to plug it into the OBD2 port and leave it there for it to receive the signal and give commands to the ECM/BCM. This is achieved via Bluetooth so a phone or computer could do it as long as it was within range. So this is really not a big deal. No vehicle comes from the factory with this device.

    I bought one (ELM 327) and use the Torque Pro App for diagnostics and data display so to me the only marveling fact is they were able to actually send commands to the car via some sort of software. The Snap-On Modis scanner I also have and it astounds people that I can do anything from change gears to activating turn signals going down the road while diagnosing their car issues.

  4. Yep. Agreed, Mike, too much hype over nothing.
