Last month, Charlie Miller and Chris Valasek, two well-known network researchers from Pennsylvania, made headlines around the internet after they used a laptop to remotely hack into and take control of a Chrysler Jeep Cherokee. But even though Chrysler has already recalled over 1.4 million vehicles in response, the experiment has cast new light on the real-life implications of lax network security in the context of the Internet of Things (IoT). Is this the first real indication that network security could be a principal barrier to the Internet of Things? Or does it present an opportunity for network engineers to bring new measures of network safety to the IoT arena?
Automotive hacks are an “automaker’s nightmare” – but what about the driver?
Andy Greenberg, who was driving the Chrysler at the time it was hacked, described his experience as follows:
“Though I hadn’t touched the dashboard, the vents in the Jeep Cherokee started blasting cold air at the maximum setting, chilling the sweat on my back through the in-seat climate control system. Next the radio switched to the local hip hop station and began blaring Skee-lo at full volume. I spun the control knob left and hit the power button, to no avail. Then the windshield wipers turned on, and wiper fluid blurred the glass.”
It’s important to point out here that Greenberg wasn’t entirely unprepared – he had agreed to meet Miller and Valasek in Missouri and be the proverbial guinea-pig in their experiment, but had been kept in the dark as to the rest of their plans. They had spent the past year working on car-hacking research, the result of which was a hacking technique (known as a zero-day exploit in the security industry) that lets hackers wirelessly control thousands of vehicles via the Internet. As Greenberg describes it, Miller and Valasek’s code is “an automaker’s nightmare”: it allows hackers to send commands to the vehicle’s transmission, brakes, steering and dashboard through the entertainment system, with potentially terrifying consequences.
It’s all fun and games until someone loses control over their transmission.
Miller and Valasek’s experiment started out innocuously enough, but it didn’t stay that way for long:
“That’s when they cut the transmission. Immediately my accelerator stopped working. As I frantically pressed the pedal and watched the RPMs climb, the Jeep lost half its speed, then slowed to a crawl. This occurred just as I reached a long overpass, with no shoulder to offer an escape. The experiment had ceased to be fun. At that point, the interstate began to slope upward, so the Jeep lost more momentum and barely crept forward. Cars lined up behind my bumper before passing me, honking. I could see an 18-wheeler approaching in my rearview mirror. I hoped its driver saw me, too, and could tell I was paralyzed on the highway.”
Is this a defining moment in network security and IoT history?
Aside from anything else, what the Chrysler experiment makes clear is that the implications of network security in an Internet of Things context are much more profound. We’re moving into an era in which the lines between the virtual and the real are blurring to such an extent that vulnerabilities to network security could very easily translate into real threats to life and limb. Network engineers and Network Management Software providers will be responsible not only for ensuring that your data is safe from the hands of hackers and cyber-criminals, but also that network security is robust enough to mitigate any potentially life-threatening exploits that could come with Internet of Things devices. It’s hard to gauge what the long-term implications of this particular incident will be, but it’s safe to say that it has made the consequences of network security breaches in an IoT context a reality for many.
To find out more about how to equip yourself with a robust and comprehensive Network Management Software suite as we move into the era of the Internet of Things, please don’t hesitate to contact Iris or request a demo via our website.
We have posted an updated article relating to the Chrysler hack -please read it here
[fusion_builder_container hundred_percent=”yes” overflow=”visible”][fusion_builder_row][fusion_builder_column type=”1_1″ background_position=”left top” background_color=”” border_size=”” border_color=”” border_style=”solid” spacing=”yes” background_image=”” background_repeat=”no-repeat” padding=”” margin_top=”0px” margin_bottom=”0px” class=”” id=”” animation_type=”” animation_speed=”0.3″ animation_direction=”left” hide_on_mobile=”no” center_content=”no” min_height=”none”][hs_action id=”1851″]
Image credit: Kaspersky