At a conference where hackers can try their hands at picking locks and discovering cyber vulnerabilities in a makeshift hospital, they can also try to break into the control units of cars and take over driving functions.
Those efforts at the DEF CON security convention in Las Vegas are sponsored by car manufacturers and OEM suppliers that have increasingly recognised the need to collaborate with so-called “white hat” hackers – cyber experts who specialise in discovering vulnerabilities to help organisations.
Attendees who visited the car hacking site had to escape a vehicle by deciphering the code to open its luggage compartment, control its speed and the volume of its radio and lock the doors through their computers.
“A big part of it is redefining the term ‘hacker’ away from that of a criminal to make automakers understand that we’re here to make their systems more secure,” said Sam Houston, senior community manager at Bugcrowd, which recruits researchers for so called bug bounty programs at Tesla Inc, Fiat Chrysler Automobiles and other vehicle manufacturers.
Volkswagen AG, Fiat Chrysler and suppliers Aptiv PLC and NXP Semiconductors NV were among the sponsors of this year’s car hacking village. DEF CON expects at least 25,000 attendees by the end of the weekend.
Interestingly, to protect their privacy, the event’s participants are not registered by name and attendees need to pay in cash to receive a blinking badge featuring an exposed circuit board that allows them to complete tasks.
The conference provides an opportunity for enthusiasts to learn about car hacking, a resource-intense research field that requires specialized knowledge and lots of preparation.
“Automotive provides a great challenge because the systems are distinct from other security areas,” said Craig Smith, a security researcher who, together with Robert Leale, founded the car hacking village in 2015. Leale and Smith said they have witnessed a steady annual growth in participants.
More connections and technological features in modern vehicles also increasingly attract security professionals from other research areas, said Aaron Cornelius, senior researcher at cybersecurity company Grimm. Cornelius was supervising a station where participants could try to hack into the control units of a 2012 Ford Focus.
Assaf Harel, chief scientist of Karamba Security, an Israeli company that provides automotive security technology and works with car manufacturers and suppliers including Denso Corp and Alpine Electronics Inc said the hacking community has opened the auto industry’s eyes.
“Carmakers have been discovering new issues with their traditional architectures thanks to white hat hackers, which highlighted security needs for carmakers and suppliers alike,” said Harel, who operated a station where hackers could try to modify a model traffic light.
For more on the event, follow the link to the Reuters report.