Dangerous control of my Jeep over the internet

[jlrocks]

I assure you I do. IT security is clearly not your primary role at work.

Sponsored

 

[SwampNut]

I was thinking the same.

 

[12BNNT]

To be honest, is a hack possible? sure. Likely? Not really. You can worry all you want about hacks, but as someone else commented, you can only do so much to stop it. Kinda like car alarms... you can spend $1000 on an alarm with all kinds of features that will stop the honest and the inept amateur but if a REAL thief wants your car, it’s gone!
On top of that, if a hacker was to hack something, they’d find something with a financial gain not an annoyance deal like locking/unlocking your door or remote starting your car. The only way that kind of access could be dangerous is remote starting the vehicle in an enclosed garage that has ventilation to the house but if my truck started up in the garage while I was inside I would hear it and my 4 legged doorbell would go nuts.

 

[jlrocks]

Worrying won't help but not enabling this sort of user access in the first place will, and successfully disabling it after it's been enabled is also good. As I said above there is potentially a lot more at stake here than unlocks and remote starts although it hasn't been a problem on a large scale yet.

First Google result:

https://www.cnet.com/roadshow/news/2019-automotive-cyber-hack-security-study-upstream/

 

[Mr._Bill]

Worrying won't help but not enabling this sort of user access in the first place will, and successfully disabling it after it's been enabled is also good. As I said above there is potentially a lot more at stake here than unlocks and remote starts although it hasn't been a problem on a large scale yet.

First Google result:

https://www.cnet.com/roadshow/news/2019-automotive-cyber-hack-security-study-upstream/

There's not more at stake, because Jeep only allows certain functions. There is no direct access to the vehicle's computer systems. Once you've been authorized, you're given a choice of available commands, which is then forwarded to SiriusXM to send out to the vehicle. The Uconnect system accepts it, decides if it can be acted on, then handles it and reports back. That's why it is so slow carrying out basic requests. Jeep has done what they can to ensure safety. There is not even direct access through the OBD port when in the vehicle. A security gateway has to be bypassed to do anything but read from the system.

 

[jlrocks]

If it were that simple there would be no hacks.

 

[TheGreatCO]

Just a few thoughts from a software developer... I am certainly not an expert on this, more an aficionado for security, but my first thought is: the probability that your car, specifically, will be hacked, is very very low.

Beyond that, there are multiple kinds of "hacks" here we should consider.

1. "Hacking" by logging in as you through an official channel (eg: breaking your password). This can be mitigated, as you point out, by not having the service. It can also be mitigated by good password practices.
2. "Hacking" by gaining unauthorized access to the backend services that power the "official channel". This is hard for you to mitigate, because even if you don't pay the monthly fee, your car is likely still connecting to this service. Which means if the service is compromised, access to your car is highly likely unless you can disable the dial home.
3. "Hacking" by attacking the vehicle over the internet. This is hard for you to mitigate, because the car has a cellular modem, it is likely that modem is active even when you're not paying for the service. This may leave the car exposed over the internet, but this is can be mitigated by both the cellular provider (not allowing incoming connections) and the developer of the head units, again, by not allowing incoming connections. Outgoing connections can still be dangerous through a number of attacks allowing the attacker to impersonate the official service. I believe a variation of the cellular attack is how the Jeep Cherokee was attacked. I don't know if it is possible, but powering down the modem would be the best bet here.
4. "Hacking" by attacking the vehicle semi-locally. This could be done via radio, bluetooth, or even WiFi. The range of these attacks depend on the type of wireless signal used, antennas used, and broadcast power. You can mitigate this by disabling bluetooth, and WiFi (I haven't looked if you can turn it off or not). Mitigating attacks using the regular radio is a bit harder, because we don't know if the radio is always listening or just when it's playing music. Though it is important to note that just because the system says a component is "off" does not mean it is completely off and cannot be tricked into receiving malicious signals.
5. "Hacking" via physical access. This is generally up to you to mitigate, as you are in charge of your own vehicle. But this could include leaving device(s) attached to the CAN bus, or just modifying software and leaving little if any trace to the casual observer.

Now we should probably look at motivation:

1. Financial Gain. Most (the vast majority, but not all) hacks are done for gain. So ask yourself, what financial gain would somebody have to attack your car? The most likely case is because they want to steal your car or its contents. That puts the attack class almost squarely in the 5th category. They are going to probably use a key clone type attack to make the car think your key is in the car and start it up an drive off. This would have nothing to do with the modem, the radio, or the Jeep/UConnect servers. Just plain old car theft. Also, cars are relatively hard to turn into money, are fairly easily traced, and require feet on the ground that could get caught. Ransomeware that pays bitcoin is a whole lot more profitable and less traceable.
2. Bragging rights. They almost certainly don't want your car in this case. They just want to prove that they could break into the system. They might then sell this methodology on to other thieves. Depending on the complexity of the hack, this may or may not catch on. I find it unlikely that somebody will go through all the trouble of cracking the UConnect servers, or the cell provider's network, or scanning the network for what might be a car, just so that they can remotely start and run it out of fuel.
3. Nation state. These attackers want a specific car to do a specific thing at a specific time. Probably to kill somebody. They may hack the car, or they may just run it off the road the old fashioned way. Either way, if a nation state is after you, you're probably in deep shit.

So what's the most likely reason somebody wants in your car? To steal the contents. What's easier, hacking the car or smashing a window? Remember, thieves are lazy.

 

[jlrocks]

Excellent writeup! The only scenario I can imagine where someone would bother to hack my vehicle would be if the hack were part of a large scale attack targeting as many vehicles as possible, probably simultaneously and perpetrated by a state actor in order to cause disruption.

 

[Mr._Bill]

Excellent writeup! The only scenario I can imagine where someone would bother to hack my vehicle would be if the hack were part of a large scale attack targeting as many vehicles as possible, probably simultaneously and perpetrated by a state actor in order to cause disruption.

And what is the actual reality of that happening? Can you show any successful hacks to any Jeep in the years the remote functions have been available?

 

[jlrocks]

And what is the actual reality of that happening? Can you show any successful hacks to any Jeep in the years the remote functions have been available?

https://www.wired.com/video/watch/hackers-wireless-jeep-attack-stranded-me-on-a-highway

 

[SwampNut]

And what is the actual reality of that happening? Can you show any successful hacks to any Jeep in the years the remote functions have been available?

Nope. Hasn't happened.

There are some screwballs that claimed they could with a modified Jeep.

 

[Mr._Bill]

https://www.wired.com/video/watch/hackers-wireless-jeep-attack-stranded-me-on-a-highway

It's obvious you have a narrow view on the reality of the current Jeep being hacked, and are digging for anything to try and justify your position. That story is from 2015.

 

[jlrocks]

Prevention or reaction, take your pick.

 

[12BNNT]

https://www.wired.com/video/watch/hackers-wireless-jeep-attack-stranded-me-on-a-highway

That’s the story I was talking about before. The part that article doesn’t report is that they had to get into the head unit in the car to know all serial numbers, IMEI numbers and carrier signal numbers to be able to do the hack. So..... if YOU piss off the wrong person they COULD break into your car using a digital key, cycle the ignition, get the info, and lay in wait for you to drive it and bring you to a sudden halt on a 70 mph highway in an attempt to off you. Otherwise, the only real benefit to the hacker (like these guys did) is to show it can be done and get the maker to pay them to show how so the maker can patch the hole in the security as the article says Chrysler did.

 

[MrZappo]

What is being missed here is that they would need to want to target YOU before they would/could begin the nearly impossible, time consuming, expensive task of engineering a way around numerous safety and security protocols and systems.

This would take expertise, money, time, tenacity, among other things.

So, dude, unless you are really important, really rich, or whatever, guess what, your safe.

Just like the rest of us boring, slightly overweight (at least me) , middle class (at least me), average run of the mill jeep type guys or gals.

So, we have 4 pages of everyone telling you that this is extremely unlikely and you firing back with a "better safe than sorry" comment.

Both are right.

But ya know, in reality it ain't gonna happen. Sleep well. Relax.

No one is that interested in any of us.

And if anyone ever decides to take control of your jeep and take you on a joy ride from their underground lair while petting their white long haired cat, reply in this thread and I'll happily retract my post.

Sponsored