It took a 14 year old boy to stun the professional engineers, policy makers and white-hat security experts. The boy who was a part of a 5 day camp for car hacking and cyber security called CyberAuto Challenge.
The boy, who was 14 and looked like he was 10 as per Dr.Andrew Brown Jr., VP and Chief Technologist at Delphi Automotive, took up the challenge of remotely hacking a car.
The actual procedure for the participants of the camp including the school kids was to take help of the assembled experts and attempt remote infiltration of a car.
Our boy however had different ideas altogether. He chose to have a go at hacking the car alone without any guidance from the experts available. At night he went to Radio Shack, spent $15 on parts and stayed up late into the night building his own circuit board.
What he did next morning left the experts flummoxed. Early morning, he used his homemade device to hack into the car of a major automaker. Within minutes the 14 year old had the car windshield wipers turned on and off. After demonstrating his hacking skills with the wipers, the boy unlocked and locked the car doors remotely and got the remote start feature engaged.
As a final bow to the entrapped audience, the 14 year old student even got the car’s lights to flash on and off which he then set to the beat from songs on his iPhone.
The people who ran the CyberAuto Challenge event refused to reveal the boy’s name or the brand of the car he was successful in hacking but they confirmed the 14 year olds exploits.
‘There’s no way he should be able to do that,’” Delphi’s Brown Jr. stated, recounting the previously undisclosed incident at a seminar held last Tuesday, on the industry’s readiness to handle cyber threats. Brown Jr. had one thing to say for the boy’s exploit, “It was mind-blowing,”
“It was a pivot moment,” said Dr. Anuja Sonalker, lead scientist and program manager at Battelle. “For the automakers participating, they realized, ‘Huh, the barrier to entry was far lower than we thought.’ You don’t have to be an engineer. You can be a kid with $14.”
She however ascribed the breach to being more of a nuisance attack, and emphasized that, in this case, no critical safety functions, like steering, braking or acceleration, were compromised.
Seems the car industry, especially the remote unlocking car manufacturers have a lot their hands to think about.
Resource : Autoblog.