Case study: Jeep Cherokee attack
The famous Jeep Cherokee attack in 2015 was the turning point for the automotive industry.
It was carried out by two security researchers – Charlie Miller and Chris Valasek. They were able to remotely hack the vehicle and control its functions, including the steering wheel, brakes, accelerator, wipers and radio, due to a vulnerability in the car’s entertainment system.
Before this case, many automotive manufacturers believed that it was not possible to launch remote attacks on vehicles. Jeep Cherokee was selected due to its large attack surface, simple architecture and several advanced physical features, making it an ideal candidate. Due to this attack, around 1.4 million vehicles were recalled.
As a start point, Miller and Valasek (2015) targeted the multimedia system by hacking the wifi and exploiting the automatic password generation that occurs each time the car starts. Using a brute force approach, they were able to hack into the system without being in close proximity to the vehicle.
They discovered that the wifi password is generated before the actual time and date is set and is based on a default system time, plus a few seconds, during which the head unit starts.
Finally, they were able to take control over the head unit by exploiting common vulnerabilities in the software. By controlling the head unit remotely, various attacks can be launched, such as a sudden increase in the volume, or turning off GPS.
Potential remote attack surface in Jeep Cherokee
Some of the attacking points discovered by Miller and Valasek in the Jeep Cherokee are as follows: TPMS, Bluetooth, FM/AMXM, RKE, cellular, internet through radio, RFHM (radio frequency hub) to controller area network (CAN) bus.
They exploited one of the vulnerabilities in the car infotainment system that uses cellular connection to provide access to the internet and other services.
Watch the video of the Jeep Cherokee attack.
Further information about the Jeep Cherokee attack can be found here.
Conduct some research to find out what other ways Miller and Valasek tried to attack the in-vehicle networks.
Miller, C., and Valasek, C. (2015) Remote Exploitation of an Unaltered Passenger Vehicle. Las Vegas: Black Hat USA
© Coventry University. CC BY-NC 4.0