Is your car hackable? Cybersecurity experts say it might be
Tin foil is one way to keep modern car key fobs safe from creative thieves. But there are others. Kim Komando explains the technology — and how to keep them safe. Kim Komando, Special for USA
If your vehicle is like most new ones, it’s basically a 2-ton connected, mobile computer on wheels – which is great if you want to enjoy the latest technological innovations during your commute.
What’s not so great is that hackers can use that connectivity to access your private information, steal your car or even worse.
“The worst-case scenario is that they can completely take over and control anything in your car, from the brakes to the steering wheel,” said Asaf Ashkenazi, vice president of product strategy at Inside Secure, a software firm in San Jose, California. “The scariest scenario is that you’re driving and they make your car crash.”
These type of hacks aren’t just possible, they become even more likely as consumers continue to call for greater convenience in their daily driving companions. Convenience relies on connectivity and the more connectivity, the more gateways for hackers can crack into.
Perhaps the highest-profile car hacking occurred in 2015 when security researchers Charlie Miller and Chris Valasek hacked into a 2014 Jeep Cherokee and were able to control the steering wheel, disable the brakes and shut down the engine.
In 2018, a man in Australia hacked into the database of the car-sharing start-up GoGet and went on more than 30 free drives before being arrested. The FBI has even issued a warning to drivers about the threat of over-the-internet attacks on cars and trucks.
One of the reasons that connected cars aren’t secure is that the manufacturers aren’t as cybersecurity savvy as you’d like to think, according to new research.
Sixty percent acknowledged that lack of understanding and training on secure coding practices leads to vulnerabilities in automotive software and 39 percent said product development tools have inherent bugs.
Sixty-two percent of those surveyed said a malicious attack against automotive technologies is likely or very likely to occur in the next 12 months.
Car theft is apparently on the rise, and a big reason seems to be people keep leaving their key fobs in their vehicles. Buzz60
Ashkenazi said that any software system built by humans is bound to have bugs and that virtually everything connected to the internet is hackable to some degree.
But what makes the auto industry particularly vulnerable is that its cybersecurity practices are not keeping pace with the ever-evolving security landscape, according to 88 percent of respondents in the joint Synopsys and SAE International study.
Automakers have become more conscious of the looming threats to car security in recent years. GM’s self-driving car division hired Miller and Valasek in 2017 after their infamous car hack went viral. And a number of firms like Inside Secure are working with the connected car market to help protect motorists.
Person uses GM mobile app (Photo: GM)
Still, the million-dollar question remains: Is your car hackable?
Probably, according to Ashkenazi.
If you can unlock and start your car using an app, then a hacker just needs to gain access to that app and your vehicle can be compromised. However, hackers are likely more interested in making a profit by exposing a bug to car companies, Ashkenazi said.