Blog

What 'Knight Rider' Got Wrong About Automotive Cybersecurity

Karamba Security | May 30, 2019
knightrider

This 1983 episode of “Knight Rider” shows an early TV depiction of a remote hack of an autonomous car — and it gets almost everything wrong. Let’s take it step by step.

The story begins on a California state highway in the early 1980s.

A man with blow-dried hair sits in the driver’s seat of a black Pontiac Trans Am, oblivious to the road ahead of him, his hands wielding a joystick as he plays Pac-Man on the car’s infotainment system. Fully-protected inside his car — which is powered and navigated by a self-aware and very neurotic AI — the man who would be Mitch from ‘Baywatch’ feels at liberty to go hands-free and let the machine do the work.

It’s a rather idyllic depiction of the autonomous vehicle driver experience, though it quickly becomes a cybersecurity nightmare.

This 1983 episode of “Knight Rider” shows an early TV depiction of a remote hack of an autonomous car — and it gets almost everything wrong. Let’s take it step by step.

(watch video here)

Michael Knight (played by David Hasselhoff) is deeply-ensconced in his game of Pac-Man when the AI powering the black Pontiac — K.I.T.T. — informs him of a young woman standing on the shoulder of the road next to a Rolls-Royce with the hood up.

Knight stops to provide some roadside assistance and makes a quick fix, after which the woman invites him to her place for a drink. The camera cuts to a seaside, Tudor style southern California mansion, where Knight is having a cocktail and discussing art with the woman. Moments later she turns on some electronic music (it’s not bad!), which puts Knight into a trance, knocking him to the carpet below.

Our hero incapacitated, a van pulls up in the driveway and out hops the “teenage hacker” who will carry out a remote-code execution attack that will give him control of the world’s most advanced Trans Am.

The hacker, a computer whiz kid from Chicago named Randy Merritt (played by Brian Robbins, who would later star in “C.H.U.D. II: Bud the C.H.U.D.” and have a long career as a movie producer), jumps into a computer lab in the back of the van and wielding a joystick, establishes a connection with the electronic control unit of K.I.T.T. Randy punches in the command “Hello. My name is Randy. I want you. Don’t Resist. It won’t do you any good.”

In an instant, Randy is able to remotely open the doors and pop the hood of K.I.T.T’s body.

He types something and the words “computer override” splash across the screen. He now has control of the car, which he wields with what looks like an Atari CX10 Joystick. He then types in four lines of 9-digit code, followed by “DESIGNATE ACCESS CODE” and he has total control of the car, though he is not able to take control of K.I.T.T. — the central processing unit. Regardless, Randy has hijacked K.I.T.T.’s body, and for the next 40 minutes he is one of the most dangerous cybersecurity threats television viewers of 1983 have ever seen.

First things first, the average connected vehicle has more than 100 million lines of code. These are some of the most complicated machines in production, and the idea that a hacker could remote operate one after typing in a single command is doubtful at best.

SPOILER ALERT

Later in the episode, as guards in an armored bus escort \$14 million worth of art down a highway, Randy manages to remote hijack the bus and cause it to run off the road. The bus looks like it was built long before 1983 and probably doesn’t have a tape deck, much less an onboard computer navigation system. Randy would have had better luck trying to disable it by throwing his joystick at the windshield. After K.I.T.T.’s body is hijacked, even in the hands of a malicious hacker, it continues to send back its coordinates to Knight. The hacker is not able to control outgoing communication, or perhaps he just doesn’t bother.

We would be remiss though if we left out what the episode does get right. Within the first 10 minutes, Knight takes an invite from a woman he just met — whose name he doesn’t know — to come to her house for a drink. He leaves his highly classified “supercomputer on wheels” in the driveway and strolls into the all-but-deserted mansion to get knocked out by hypnotic techno, as one does. Now, while strangers meeting for daytime drinks in weird southern California mansions may seem like a very early 80s thing, this scene also depicts one of the main cybersecurity concerns for any connected system — the human element. Even the most sophisticated cybersecurity software can be compromised if users practice poor security tradecraft, like clicking on phishing emails or using simple or obvious passwords.

Also, we should note that the Hoff is a perfect 80s cornball lead and the Knight Rider theme song (composed by Stu Phillips) still bangs. In 2019 you could sample it and have a song on the Hip Hop/R&B charts, even 25 years after Busta Rhymes did.

Looking back 35 years later, episode 9 of Knight Rider’s second season can look kitschy and laughably outdated, but in some ways the writers were prescient. They foresaw a simple reality that is at the core of so much of what Karamba does: that no matter how sophisticated or state-of-the-art your connected system is, it is all for naught the moment it comes under the control of a hacker.

Read more

Continue the conversation!

Want to learn more?

Contact Us
Loc

Israel

24 HaNagar Street
Hod Hasharon
45277-13
Tel: +972 9 88 66 113

Loc

USA

41000 Woodward Ave
Building East, Suite 350
Bloomfield Hills, MI 48304
Tel: +1 833 4KARAMBA

Loc

Germany

Wasserburger
Landstr. 264, Munich
81827
Tel: +49 892 1547 7583