Researcher also launches a DoS attack on the car’s computer. A professor at Hiroshima City University was able to hack an Internet-connected car with a custom-made WiFi device and an app on his smartphone,Japan Times reports.
In his experiment, Hiroyuki Inoue, an associate professor at Hiroshima City University’s Graduate School of Information Sciences, used a 2013 Toyota Corolla Fielder Hybrid.
Inoue was able to open and close the cars doors, alter speedometer displays, and block the car’s accelerator.
Toyota Corolla hacked via $82 gadget
To achieve this, the professor had to create a custom WiFi device, which cost him around ¥10,000 ($82 / €75), that he later installed on the car, by plugging into a port under the steering wheel.
This port is in the car to allow mechanics to perform maintenance on the car and has a direct connection to the car’s internal CAN bus, where data from all the car’s electronic devices is centralized.
Using his smartphone, Inoue then connected to this device and instructed it to give false readings or perform various other actions on the car’s components.
DoS attack on the car’s computer
Additionally, Inoue was also able to paralyze the car by sending it huge amounts of information, the equivalent of a DoS (Denial of Service) attack.
The professor’s findings now raise questions about the security of these type of Internet-connected cars. While in previous months security researchers were up in arms about the possibility of getting hacked and losing control of the car while in motion, the same talking heads will now be able to have new fearmongering debates about the possibility of being DDoSed.
Professor Inoue plans to give a longer presentation about his findings at a three-day cyber-security symposium that will be held in Okinawa today.
Toyota and the Japan Automobile Manufacturers Association were also informed of his study’s results, and will both be taking actions.
Working as a cyber security solutions architect, Alisa focuses on bug bounty and network security. Before joining us she held a cyber security researcher positions within a variety of cyber security start-ups. She also experience in different industry domains like finance, healthcare and consumer products.