Hack my ride – Could cars be the new cyber-security soft spot?

cute_carForget about flat tyres and petrol prices: cars can be hacked and their computerised safety systems compromised, says a security software vendor.

Cars are getting more embedded gadgets every year, and security software vendor McAfee and embedded computing company Wind River are worried this may make them targets for hackers. So worried, in fact, that they’ve jointly penned a White Paper called “Caution: Malware Ahead. An analysis of emerging risks in automotive system security” to discuss the issue (The link above opens a PDF copy of the report).

The gist of the document is that cars are now full of electronics and criminals might try to exploit them.

“New cars have the ability to be remotely started by a mobile phone, using a connection from the car and a request to start it from the key holder through cellular network services or the Internet.” the White Paper says, before going on to say that previous advances in automotive technology were exploited by criminals.

“But there is a concern that as the industry advances, there has been little done to ensure the security of these systems. The first remote keyless entry systems did not implement any security and were easily compromised: a regular learning universal remote control for consumer electronics was able to record the key signal and replay it at a later time.”

Having your car pinched is not the only thing you need to worry about, as the White Paper says “Last year, researchers of the University of California, San Diego, and the University of Washington demonstrated that critical safety components of a vehicle can be hacked if physical access to the vehicle’s electronic components inside the passenger cabin is available.”

The document also mentions potential attacks using the Bluetooth networks built into many new cars to enable hands-free phone calls.

Another risk the White Paper hints at involves siphoning data from in-car entertainment systems, as data about the music you listen to in the car and the vendors you purchase it from is potentially valuable to criminals.

If, at this point in the story, you think it might be a good idea to get your old VW Bug back on the road to avoid hackers running you off the road, stop worrying because the threats the White Paper discusses are currently theoretical.

But security vendors love nothing more than keeping getting you just a little bit afraid and, noting the likely increase in connected devices in modern cars, ask “10 years from now, will these same systems continue to hold consumer confidence, or will they quickly become another avenue for malware and breach of privacy data?.”

Over to you in the DISQUS comments field below.

promoted stories