Fri 25 Sep 2015
Last week, Wired published an account describing how two security researchers, Charlie Miller and Chris Valasek, were able to wirelessly hack into a Jeep Cherokee, first taking control of the entertainment system and windshield wipers, and then disabling the accelerator. Andy Greenberg, the Wired writer who was at the wheel as the self-described “digital crash test dummy” explained what happened next:
Immediately my accelerator stopped working. As I frantically pressed the pedal and watched the RPMs climb, the Jeep lost half its speed, then slowed to a crawl. This occurred just as I reached a long overpass, with no shoulder to offer an escape. The experiment had ceased to be fun.
Miller and Valasek also wirelessly disabled the Jeep Cherokee’s brakes, leaving Greenberg “frantically pumping the pedal as the 2-ton SUV slid uncontrollably into a ditch.” In response, on July 24 Fiat Chrysler Automobiles announced a recall impacting about 1.4 million vehicles, stating, somewhat incongruously, that “no defect has been found.”
This is the one of the most dramatic demonstrations to date of the cybersecurity challenges that will accompany the growth of the Internet of Things (IoT). And, it offers an opportunity to make some broader observations about the changing landscape of cybersecurity as systems become increasingly connected and decentralized.
Here are five takeaways on the Security of Things (SoT) that designers—as well as companies building products for the cybersecurity market—should keep in mind as they build increasingly complex and connected systems: