Car hacking: the most vulnerable cars revealed

Kia Sportage Mk2 (used) - key fob
Credits: Tom Wood
14 Aug, 2014 11:00am Chris Ebbs

US experts assessed cars for their vulnerabilities with Jeep Cherokee and Cadillac Escalade the easiest to hijack

Security experts in the US have been studying a range of cars, including the BMW 3 Series and Toyota Prius, to see which are the most vulnerable to car hacking.

Twitter security engineer Charlie Miller and Chris Valasek, director of security intelligence at IOActive, studied the schematics of the 20 cars and found that the 2014 Jeep Cherokee and 2015 Cadillac Escalade were the most vulnerable to computer attacks, while the 2006 Ford Fusion and 2010 Range Rover Sport were the most secure. Among the other cars that performed poorly in the testing were the 2010 and 2014 Toyota Prius and the 2014 Infiniti Q50.

Does in-car Black Box telematics really work?

Each car was rated for three categories – attack surface, network architecture and cyber physical. The cars' wireless ‘attack surface’ category included a range of features that could be hacked, including Bluetooth, Wi-Fi, mobile network connections, key fobs, and tyre pressure monitoring systems.

For ‘network architecture’ it included how much access these features give to a vehicles critical systems, such as the horn, the steering and brakes. 'Cyber physical' concerns systems such as automated braking and parking sensors that can be controlled using wireless commands.

• Autonomous cars could be on the road by 2015

The pair used a laptop wirelessly connected to the car’s electronics and were able to remotely control the brakes and the accelerator, change the speedometer, switch the headlights on and off, tighten the seatbelts and sound the horn.

The project was funded by a grant from the U.S Defense Advanced Research Projects Agency to highlight the security risks affecting modern-day cars.