You have heard of phones, tablets, and computers being hacked. You may have even heard of industrial equipment being hacked. But did you know that vehicles are increasingly finding themselves in a digital attacker’s crosshairs? Vehicles have had computers for a while, but only recently have they found themselves with onboard bluetooth and wifi network systems. These features can provide utility, entertainment, or safety to anybody using them, but they also provide a way for attackers to gain a foothold into a car’s computer system. These systems can be linked with braking, steering, entry, safety, power, and ignition. This is not a hypothetical situation. Fiat Chrysler recalled 1.4 million cars this year in relation to a Jeep Cherokee that was remotely controlled by security researchers that broke into it’s internet connected entertainment system. The attack did not require anything more than off-the-shelf radio components, a laptop, and knowledge of the system. On top of this, it can be done from anywhere in the world. Some would say that the difficulty in discovering such a vulnerability is high enough to keep a large number of people from pulling it off. However, if an experienced hacker can sell his attack to someone less qualified and far more malicious, the attack could become widespread.
It might soothe you think that the vehicles will be patched and fixed in short order, but the reality is very different. The update cannot be applied automatically. It must be brought into a certified service center to be patched. If people are not aware of the gravity of this problem, then they will not likely get it fixed. The good news is that the the publicity of this vulnerability has forced a change in tack in the automotive industry. Manufacturers are already beginning to secure car computer systems by isolating things like entertainment networks from control systems essential to the car’s core functionality. On top of this emergency connections like OnStar are working to prevent anybody but them from accessing cars on their network or encrypting and verifying traffic using financial-grade security systems.
Hope is not lost! Any car you buy in the future will likely be much more secure than those in the latest generation of vehicles. In the meantime, keep a lookout for a potential car’s security problems before you buy it. One easy way is to make sure it doesn’t use a Wifi connection. Other types of attacks, such as those through bluetooth or a wireless key fob, are less likely as attackers need to be nearby to exploit a car’s computers. Even so, manufactures are also securing these systems so that the future of your transportation is safer and more secure.
Sources:
http://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/
http://www.ptclwg.com/news/the-most-hackable-cars-on-the-road-1