It might sound like a story from the world of science-fiction. But it’s a scenario that has become an increasing reality—malicious threat actors are finding ways to hack into cars and other automotive vehicles! The most famous example of this phenomenon occurred in 2015 when two hackers demonstrated that they could use exploits to take complete control of a Tesla Model S. While Tesla patched the model overnight, it was just an illustration of the new era of cybersecurity we live in where even cars can be remotely accessed by malicious threats!
It’s perhaps not a surprise though—today’s cars rely heavily on computer systems to offer mobility, information, entertainment and even safety services. With the Internet of Things (IoT) becoming the buzzword, cars will only become smarter with more software that will give attackers entry points for attacks.
A common form of automotive hacking is the key fob attack. Most cars nowadays have remote keys through which their owners can unlock their vehicles by pressing the button from a short distance and sending a signal. Hackers can clone the radio signal, hence tricking the car into believing that it was being unlocked by the correct key.
Another type of automotive hacking which is not hacking but can do more damage is large-scale hacking into automotive systems through which cars can be controlled remotely. An example of this was seen in 2015 when two security researchers remotely took control of a Jeep Cherokee vehicle as an experiment by exploiting vulnerabilities in the car’s internet-connected entertainment and navigation systems. They managed to activate the windshield wipers, turned on the radio and even turned off the engine in the middle of the highway! This led to Fiat Chrysler recalling 1.4 million cars after the hacking.
As the capabilities of connected cars improve, it’s clear that automotive manufacturers must make renewed efforts on cybersecurity to ensure their cars cannot be taken over by external sources. Cars need to be considered a device similar to a desktop/laptop or a mobile phone when it comes to cybersecurity. The consequences could be even more dangerous—imagine hackers taking control of cars remotely and crashing them!
As an end-user, when you consider your next car, don’t just go by its mileage, top speed, acceleration or other features. You should also consider the security aspect. Do your due research and see the history of the manufacturer in question. If there are access control features on the car such as mobile applications through which you can control your phone, ensure you set strict controls. Keep passwords or code keys that are difficult to guess and never share them with anyone. Keep your car keys strictly to yourself and never let them out of your possession to ensure they can’t be cloned.
Automotive hacking is a reality of the new world of interconnected devices that we inhabit. While an increase in connectivity will lead to productivity and more customized solutions, it’s also important that we acknowledge the security aspect of it and take steps to ensure that malicious threat actors don’t get the opportunity to cause mayhem.