On August 4, Michael Arcee and Jesse Zelaya were apprehended by the Houston Police Department in connection with a string of vehicle thefts that has stretched back several months.
According to Houston authorities, the two men used a laptop and some sort of pirated software to gain access to more than 30 Jeeps, a make of vehicle that has been shown in the past to be susceptible to hackers’ advances. Houston reported problems with Jeep thefts back in July, and though the police were aware that the hackers were using laptops to gain access to the vehicles, they believed that the extent of crimes being committed using laptops was relatively “minuscule.”
The Houston police haven’t shared the means by which Arcee and Zelaya reportedly gained access to and made off with the Jeeps, but the science of hacking vehicles is somewhat straightforward. Inside every modern vehicle is a device called the Controller Area Network (CAN) bus, which is essentially your vehicle’s “soft, squishy center.” Hackin in is a breeze for technically apt hackers, and once they’re into the CAN bus, the car is pretty much theirs. The task is made even easier with the realization that nearly every part of your car is connected to the CAN, which means nearly every part of your vehicle is a potential means of ingress for hackers.
As technological advancements like Bluetooth and Wifi become more prevalent in vehicles, those features, too, are vulnerable to enterprising thieves. The means of access is so varied and so difficult to detect that when police apprehended Arcee and Zelaya they couldn’t even claim with certainty that they’d gotten the right men, saying, “There’s a possibility they may not be the only ones that are doing this, but right now we feel if they are the only ones that are doing this, with this arrest we hope we will be able to curb the amount of thefts occurring.”
Good luck on that plan, officers.