Car-hacking: Remote access and other security issues

It's not time for full-on panic, but researchers have already successfully applied brakes remotely, listened into conversations and more.


If a fleet of, say, 100 units were immobilized, "the hack would likely be into some added hardware or software installed by the fleet operator," such as what occurred in Austin, says Bedore.

Nonetheless, a fair number of vulnerabilities in car computer systems currently exist, says Savage, although he feels it will be a while before computerized attacks are preferable to physical ones. "The most likely scenario where you have to worry are disgruntled attacks, where people are trying to sow havoc," he says.

Inside threat

There are two main ways an attacker could theoretically gain access to a car's internal network. The first is physical access by someone with momentary access to the vehicle, such as a mechanic, a valet, a person who rents a car, an ex-friend or car owner. The attacker could insert a malicious component into a car's internal network via the OBD-II port, typically located under the dashboard. A brief period of connectivity is enough to embed the malware within the car's components.

Similarly, counterfeit or malicious components may enter the vehicle before it is sent to the dealer or with a car owner's purchase of an after-market component such as a radio or alarm.

"One of the attacks we staged took advantage of a vulnerability in the diagnostic tools used at dealerships," says Savage. "We built a virus that could get into a dealership and then could affect the diagnostic tools. So whenever a car was brought into the dealership and the diagnostic tool was connected to the car it would infect the car."

Savage and his team built a package that, upon taking over the car, would then contact his team's servers via the Internet and request further instructions. "At that point we could download just about any functionality we wanted -- disable the car, listen to conversations in the car, turn on the brakes, etc."

The second is via the car's numerous wireless interfaces. "Cars are not only becoming more computerized internally, but they are becoming increasingly connected to the outside world," says Franziska Roesner, a student and researcher in the security and privacy research lab at the University of Washington. She calls this interconnectedness a "concerning" trend.

Today's cars are connected to the cell phone network and to the Internet via systems including OnStar, Ford Sync and others, Roesner explains. They have Bluetooth connectivity and short-range wireless access for key fobs and tire pressure sensors, they support satellite radio, and they have inputs for CDs, iPods, USB devices and others, she says.

"We liken this increase in connectivity to the desktop computing world before the Internet: Security vulnerabilities on disconnected machines suddenly became very important when computers were networked together," says Roesner. "There's even talk among auto manufacturers about creating app stores for cars. We're at the same point in the evolution of computerized automobiles."

Roesner works with other researchers to identify these issues with the goal of addressing them before they become major problems.

Studies conducted by Roesner and her colleagues show the OBD-II port to be the most significant automotive interface for hacking purposes. This port provides access to the vehicle's key controller area network (CAN) buses, and that access can be sufficient to affect the full range of a vehicle's systems.

Alternatively, hackers may deliver malicious input by encoding it into a CD or a song file, which may "live" on an iPod or other MP3 player, or by installing software that attacks the car's media system when it connects to the Internet.
