An associate professor and white-hat hacker, Hiroyuki Inoue, has demonstrated a proof-of-concept showing cars that are equipped with internet-connected devices can be hacked and even remotely controlled by wielding a smartphone.
In an experiment, Hiroyuki Inoue, an associate professor at Hiroshima City University’s Graduate School of Information Sciences, Japan, has proved that connected cars can be remotely hacked with a smartphone application. The associate professor and hacker used a 2013 Toyota Corolla Fielder Hybrid for the demonstration, as reported by the Japan Times.
It is important to note that the exploit isn’t one to affect cars that are still driven as manufactured in stock as their onboard computers do not have internet connectivity.
However, Inoue warns that cars that have been modified and enhanced with internet devices privately could potentially be hacked. The claim comes during a time when many major automobile manufacturers including those in Japan are experimenting and even actively developing self-driving vehicles.
Another Connected Car, Hacked
Putting together a Wi-Fi device as a contraption with parts available commercially that cost him about ¥10,000 (approx. USD $82). He also developed a smartphone application that was used to – among other hacks – remotely control the car.
Inoue connected the Wi-Fi device to a commonly found terminal located under the Toyota’s steering wheel. Such terminals are routinely used to plug in monitoring devices during a car’s maintenance. Once connected, Inoue discovered that the car’s computer contained unencrypted data that controlled critical functions such as the vehicle’s engine, brakes and other functions.
As the video shows, the associate professor was able to manipulate the speedometer reading on the dashboard even though the car was stationary while parked.
Important (data) communication was in full view from outside. Other cars could also be subject to hacking in the same way.
Furthermore, he was also able to replicate a distributed denial of service (DDoS) attack by inundating the car’s computer with a large amount of requests and data. Unsurprisingly, the action led to a complete paralysis of the vehicle, despite the accelerator being stepped on by the driver. The white-hat hacker was also able to raise and lower windows with the smartphone application reigning in control of the on-board computer.
Also read: $32 Hacking Device Opens Car & Garage Doors
In light of the news, an official representing the Japanese Automobile Manufacturers Association confirmed that the collective industry will work on cybersecurity measures in tandem with the government.
Hiroyuki Inoue confirmed that the details of his exploit will be further revealed during a three-day cybersecurity symposium that commenced on Tuesday in Okinawa, Japan.
Featured image from Shutterstock.