RESOURCES

Thought leaders in information security, we conduct radical, world-changing research and deliver renowned presentations around the world.
Blogs | RESEARCH | August 14, 2014

Remote survey paper (car hacking)

Good Afternoon Interwebs, Chris Valasek here. You may remember me from such nature films as “Earwigs: Eww”. Charlie and I are finally getting around to publicly releasing our remote survey paper. I thought this went without saying but, to reiterate, we did NOT physically look at the cars that we discussed. The survey was designed as a high level overview of the information that we acquired from the mechanic’s sites for each manufacturer. The ‘Hackability’ is based upon our previous experience with automobiles, attack surface, and network structure. Enjoy!

Chris Valasek
Blogs | EDITORIAL | August 5, 2014

Upcoming Blackhat & DEF CON talk: A Survey of Remote Automotive Attack Surfaces

Hi Internet, Chris Valasek here; you may remember me from such movies as ‘They Came to Burgle Carnegie Hall’. In case you haven’t heard, Dr. Charlie Miller and I will be giving a presentation at Black Hat and DEF CON titled ‘A Survey of Remote Automotive Attack Surfaces’. You may have seen some press coverage on Wired, CNN, and Dark Reading several days ago. I really think they all did a fantastic job covering what we’ll be talking about.

Chris Valasek
Blogs | INSIGHTS | April 8, 2014

Car Hacking 2: The Content

Does everyone remember when those two handsome young gentlemen controlled automobiles with CAN message injection (https://www.youtube.com/watch?v=oqe6S6m73Zw)? I sure do. However, what if you don’t have the resources to purchase a car, pay for insurance, repairs to the car, and so on?    Fear not Internet!    Chris and Charlie to the rescue. Last week we presented our new automotive research at Syscan 2014. To make a long story short, we provided the blueprints to setup a small automotive network outside the vehicle so security researchers could start investigating Autosec…

Chris Valasek
Blogs | INSIGHTS | August 5, 2013

Car Hacking: The Content

Hi Everyone,  As promised, Charlie and I are releasing all of our tools and data, along with our white paper. We hope that these items will help others get involved in automotive security research. The paper is pretty refined but the tools are a snapshot of what we had. There are probably some things that are deprecated or do not work, but things like ECOMCat and ecomcat_api should really be all you need to start with your projects. Thanks again for all the support!    Content: http://illmatics.com/content.zip   Paper:…

Chris Valasek & Charlie Miller
Blogs | INSIGHTS | July 24, 2013

DefCon 21 Preview

Hi Internet! You may have heard that Charlie Miller (@0xcharlie) and I (@nudehaberdasher) will present a car hacking presentation at DefCon 21 on Friday, August 2 at 10:00am. “Adventures in Automotive Networks and Control Units” (Track 3) (https://www.defcon.org/html/defcon-21/dc-21-schedule.html) I wanted to put up a blog explaining what exactly we’ll be talking about in a bit more detail than was provided in the abstract. Our abstract was purposefully vague because we weren’t really sure what we were going to release at the time of submission, but obviously have…

Chris Valasek

Commonalities In Vehicle Vulnerabilities

With the connected car becoming commonplace in the market, vehicle cybersecurity continues to grow more important every year. At the forefront of security research, IOActive has amassed real-world vulnerability data illustrating the general issues and potential solutions to the cybersecurity threats today’s vehicles face.

View Whitepaper