A team of researchers from the University of California at San Diego has found a way to wirelessly hack and take control of thousands of vehicles via an insurance dongle plugged into a car’s On-Board Diagnostics generation 2 (OBD2) port.
The researchers revealed the vulnerability at the 24th USENIX Security Symposium yesterday. The team was able to transmit commands to a 2013 model Corvette’s CAN bus – the internal network that controls some of the vehicle’s critical functions – by sending SMS messages to an OBD2 dongle connected to the car’s dashboard. This allowed them to activate the windshield washers and, more worryingly, engage and disengage the brakes at low speeds.
The problem isn’t limited to Corvettes; the researchers warned that they could have commandeered the systems of nearly any CAN bus-equipped car with the dongle plugged in, and that the hack could be modified to affect other vehicle systems such as the steering, locks, and transmission.
“We acquired some of these things, reverse engineered them, and along the way found that they had a whole bunch of security deficiencies,” says Stefan Savage, the security professor who led the project. He explained that the devices “provide multiple ways to remotely…control just about anything on the vehicle they were connected to.”
The dongle used in the demonstration was built by the French firm Mobile Devices and distributed by a San Francisco insurance startup called Metromile. The researchers informed the startup of the vulnerability in its devices, and the devices have since been patched. Metromile partnered with Uber to offer the dongles to its contract drivers as part of a discount insurance program. A spokesperson for the ride-hailing company said in an email: “No drivers reported any problems related to this issue prior to the fix, and we are not aware of any remaining exposure.”
There has been a spate of security vulnerabilities in cars exposed recently; last month, a pair of hackers demonstrated a zero-day exploit involving the infotainment system of a Jeep Cherokee, and an Australian researcher showed how to remotely unlock a car in minutes at the recent Black Hat conference. The same Las Vegas event also saw cybersecurity researchers show how a design flaw could enable them to take control of a self-aiming sniper rifle.
To see the OBD2 hack in action, check out the video below.