[ACS_Solver]

That's not the US military by the way - despite persistent rumors to the contrary, other countries do exist.

I also find the outlook a bit optimistic admittedly, but there are definitely plenty of better targets than cars for a sophisticated actor. Car software is very different from model to model, and there's a large variety of models on the road - even if you can cause all cars of model X in an area to accelerate to dangerous speeds (something far beyond the capability of current exploits), that will only affect a small proportion of all cars in the area. It will undoubtedly cause chaos, but nothing on the scale you can get by attacking some weaker systems.

Even a coordinated attack against traffic lights is easier to pull off and has no less potential damage.

[angry_octet]

But it only takes one car (or truck) to cause chaos on a freeway.

As to versions, you may be familiar with Cellebrite? Their stock in trade is having a huge database of exploits for every popular phone. And cars frequently have common software and computing components. It's just a matter of time before script kiddies can pop an unpatched car -- as soon as their is an external wifi / 3g connection. At the moment most only have Bluetooth to the stereo.

I'm curious as to what weaker systems they were thinking about. Obviously the OT at various plants, but that can be air gapped. Most traffic light systems have in built low level safeguards to prevent conflicting states, and the high level system is centrally managed and patched. Attacking requires a multi-stage attack, maintaining access requires continual maintenance, so it just doesn't have the impact an unpatchable vuln in embedded devices does.

[ACS_Solver]

> But it only takes one car (or truck) to cause chaos on a freeway.

And that's back to the original point, if you are looking for such small scale problems, make a spike strip and deploy it on the highway. Same scale of destruction as taking one car over, orders of magnitude less skill and money required.

Cars have standard components, but even for cars that don't take digital security seriously (Tesla has that reputation), no driving functions should be on the same network as the external 3G/4G. Yeah you have the infotainment or door opener there, but any ECU running an ASIL-qualified function should be on a separate network, and treat anything connected to the external world as untrusted. That was definitely one of the core architecture assumptions in all car software I've seen. The infotainment system is considered to be compromised and possibly sending malicious data. All the important communication happens on a different network, where internal signing and authentication mechanisms are also used.

And at that level, the internals are too different for the same exploit to work everywhere. What you need to send on the network to make the car brake, or what data format represents the gearbox position, those are different.

[EricMausler]

I think the major overlooked point is that the modern digital world provides a means for people to commit crimes they otherwise would not have done, simply because they can and because they feel there is low risk of getting caught.

A spike strip, you have to be in the area. A remote attack, you don't have to particularly care about any specific area enough to physically travel to it.. someone can cause chaos simply because they are bored.

And immediately after, they can go do something else.

Tech vulnerabilities aren't yet accessible enough to these types of people, but soon enough they will be and it is not like security is in a temporary poor state. A lot of these systems will remain unchanged for a long time because they are part of an already working business model

[angry_octet]

Police are quite practiced in finding armed robbers and other people who might use a spike strip (which is pretty tricky to deploy IRL if you want to hit a specific car). But organised crime car theft (with access to key cutting/duplication, remote unlock repeaters, engine immobilizer bypass codes, etc) is a significant problem. I don't see any reason why OCGs wouldn't be enthusiastic users of hacks, the same way that card skimmer gangs operate.

[Quarrelsome]

> no less potential damage.

A centralised and timed attack against a tech stack that has significant dominance in the market in the future has one of the biggest potential ceilings out there. Cars are effectively kinetic weapons and if you could say, get 30% of vehicles to turn into on coming traffic on a Friday afternoon the outcome could be seriously ugly.