We'll get right to the point, as time is of the essence in this fast-paced new world of connected cars and cybersecurity anxiety: You may be driving one of the "Most Hackable" cars as designated by researchers. On Wednesday, Twitter security engineer Charlie Miller and Christopher Valasek, director of Security Intelligence at computer security firm IOActive, presented a study at the 2014 Black Hat USA security conference in Las Vegas, identifying popular car models they determined to be the vehicles most vulnerable to a remote cyber-attack.
The top three Most Hackable vehicles are:1. 2014 Jeep Cherokee
2. 2015 Cadillac Escalade
3. 2014 Infiniti Q50
On the other end of the cybersecurity spectrum are the top three Least Hackable vehicles, which are:
Miller and Valasek clarified that they had not actually hacked into the vehicles themselves, but instead assessed broad criteria for vulnerabilities to help establish a generalized, objective set of measures by which consumers could compare the exploitability of one vehicle over another, Reuters reported. The researchers said the vehicles themselves may be quite secure in practice, despite their high "hackability" rating.
"Automotive security concerns have gone from the fringe to the mainstream with security researchers showing the susceptibility of modern vehicles to local and remote attacks," the Black Hat conference website states in its introduction to Miller and Valasek's presentation. "A malicious attacker leveraging a remote vulnerability could do anything from enabling a microphone for eavesdropping to turning the steering wheel to disabling the brakes."
The purpose of the car-hacking report, the site states, was to examine the security networks of a large number of automakers and develop a basis for comparing individual models' vulnerability, the state of automotive security and how attacks can be prevented in the future. The study examined three stages of an automotive cyber-attack — including an attacker gaining remote access to an internal automotive network, sending messages to the "cyber-physical" vehicle components and making the vehicle perform an unsafe action — and how easily each would be to perform on a given model.
According to a Reuters report, both Chrysler and Nissan – manufacturers of Jeep and Infiniti, respectively — are looking into the "Most Hackable" report and what could be done to improve. Cadillac parent, GM, did not immediately comment, the news agency reported.
Cars.com photo by Evan Sears