New Jeep Hack Proves Cars Still Exposed

August 03, 2016 // By Junko Yoshida
When automotive security researchers Charlie Miller and Chris Valasek take the stage Thursday morning (Aug. 4) at the Black Hat conference in Las Vegas, they will outline new methods of CAN message injection. The two researchers who now work for Uber’s Advanced Technology Center will demonstrate how to physically seize control of the braking, steering, and acceleration systems in a vehicle.

In last year’s hack, which led to Chrysler’s recall for 1.4 million vehicles, Miller and Valasek focused on pulling off “wireless attack” on the Jeep.

The two at that time exploited a Harman “head unit,” which offers a Wi-Fi hot spot — in a 2014 Jeep Cherokee — to get into the vehicle’s network. Later the hackers invaded the car through its cellular connection, via Sprint’s wireless network.


This year, the security experts turned their attention to injecting rogue messages into a vehicle’s CAN bus, which resulted in a full-speed attack on the Jeep’s steering and acceleration.


Instead of getting into the guts of a car wirelessly, Miller and Valasek this year used a laptop directly plugged into the Jeep’s CAN network through a port under its dashboard. They confirmed that they used the patched Jeep for this hacking.


In writing a story for Wired prior to the duo’s presentation at Blackhat, a reporter reached out to Chrysler’s parent company Fiat Chrysler Automobiles (FCA). 


The auto maker asserted that Miller and Valasek’s attack could not have been performed remotely. The company responded in a statement stressing, “This demonstration required a computer to be physically connected into the vehicle’s onboard diagnostic (OBD) port and present in the vehicle.” It added, “While we admire their creativity, it appears that the researchers have not identified any new remote way to compromise a 2014 Jeep Cherokee or other FCA US vehicles.”

Chrysler also added: “It is highly unlikely that this exploit could be possible…if the vehicle software were still at the latest level.”

Chrysler couldn’t have been more wrong.


Whether Miller and Valasek’s car attack was done wirelessly or via OBD-II port is beside the point. Although Chrysler created a patch for the Jeep last year, it did not by any means close all avenues to wireless car attacks.