BOSTON (Reuters) - Two security experts who a year ago exposed methods for hacking the Toyota Prius and Ford Escape say they have developed technology that would keep automobiles safe from cyber attacks.
At last summer’s Def Con hacking conference in Las Vegas, the two researchers, Chris Valasek and Charlie Miller, described ways to launch dangerous attacks, including manipulating the brakes of the moving Prius and the Ford Escape.
Valasek told Reuters on Tuesday that he and Miller will show off a prototype vehicle “intrusion prevention device” at next month’s Black Hat hacking conference in Las Vegas.
They built the device with about $150 in electronics parts, though the real “secret sauce” is a set of computer algorithms that listen to traffic in a car’s network to understand how things are supposed to work. When an attack occurs, the device identifies traffic anomalies and blocks rogue activity, Valasek said.
The two well-known computer experts decided to pursue the project because they wanted to help automakers identify ways to defend against security vulnerabilities in their products.
“I really don’t care if you hack my browser and steal my credit card,” Valasek said. “But crashing a car is life or death. It is dramatic. We wanted to be part of the solution.”
The research the two have released on the Ford and Toyota cars, as well as work by other experts on different types of vehicles, has raised concerns that somebody might one day try to replicate their work to launch a real-life attack.
Yet the U.S. National Highway Traffic Safety Administration said in a statement on Tuesday that it is not aware of any incidents of consumer vehicle control systems having been hacked.
The auto industry has beefed up efforts to identify and mitigate potential cybersecurity risks over the past few years.
“Cyber security is a global concern and it is a growing threat for all industries, including the automotive,” said Jack Pokrzywa, manager of global ground vehicle standards with SAE International, a group that represents industry engineers.
Pokrzywa declined to comment on the specifics of the new technology from Valasek and Miller, though he said ”Any viable solution reducing cyber threats is a step in the right direction.”
A representative for Ford said she had no immediate comment on the device. Officials with Toyota could not be reached for comment.
Reporting by Jim Finkle in Boston; Editing by Richard Valdmanis and Dan Grebler