It is easy to forget that there is more computing power in most cars than many computers — until those cars display the same vulnerabilities that computers do. In recent weeks, hackers in the United States have taken over a Tesla Model S, a Jeep Cherokee and a General Motors vehicle, all while each car was being driven. The levels of control varied from vehicle to vehicle, but the danger was real in each case. Auto manufacturers and consumers alike need to take this threat seriously.
Last month, cybersecurity researchers took control of a Jeep Cherokee while it was being driven, using its vehicle-connectivity system to first manipulate the radio and windshield wipers, and then cut off the transmission and disconnect the brakes. Two other researchers took control of the Tesla's onboard computer, controlling the entertainment system, the windows door locks and the trunk at low speeds; at higher speeds the engine shut off while the driver could steer and brake the car. In the case of the Jeep, the hack was done from a remote laptop; the Tesla hack was originally done via access to the car's Ethernet connection but remotely afterward.
The Jeep incident prompted Chrysler to recall 1.4 million vehicles for a fix. (The recall actually includes the mailing of USB flash drives containing the patch.) Tesla has developed an over-the-air software update that can be downloaded by the owner via Wi-Fi or cellular connection.