The ease of connectivity has reached many aspects of our lives — and vehicles are not immune to this technological impact. As with any connected device, smart cars are at risk of being victims of cyber attacks and security breaches online.
Connectivity offered by a car means the driver experiences a seamless transition from his smartphone to his cars. From contact information for calls and emails to high-definition streaming of various media from video to music, today’s smart cars have become a smartphone on wheels. Some cars even offer custom apps that allow you to lock or unlock them and even park them by remote control.
While the ease of connectivity is undeniably convenient, that convenience comes with a risk of cyber criminals hacking into the vehicle’s system to obtain personal information and other data. This threatens the vehicle’s essential security and mechanism.
In addition, with digital keys, wireless fobs and mobile car apps becoming more commonplace these days, traditional car keys are becoming a thing of the past. This raises the possibility of car thieves gaining unauthorised entry to these vehicles. By intercepting the transmission between these keyless devices, thieves are able to emulate these signals and hijack the keyless system to gain entry into the vehicles.
As such, it is advisable for keyless fob users to remain alert to this risk, and to always be aware of their surroundings when using their keyless fob. One practical suggestion would be to store your keyless fob in a RFID-blocking pouch to prevent transmission interception.
RISK OF CYBER ATTACKS
Today’s vehicles, even the most basic ones, have some form of computer driving them, whether it’s the cruise control, lane management, or the infotainment systems. As the number of sensors used in modern vehicles exponentially increases, there is a need to make them more robust and secure to thwart the potential for theft of personal information from the vehicle’s system. Cyber criminals are always on the lookout for flaws in the connectivity implementation. Information — such as personal trip and location data, and even financial details — is vulnerable to cyber attacks. If criminals manage to gain access to the owner’s personal data, they could sell it or use ransomware to lock the owners out of their own vehicles until a sum of money is paid.
Unfortunately, some car manufacturers may not be as invested in the security of their vehicle system setup, which allows undesirable services and malware to infiltrate their cars’ network and corrupt them. The problem lies not just in the systems themselves, but also the availability and speed of security software updates. Criminals are always trying to be one step ahead, targeting easy marks with old and dated security systems.
Cybersecurity researchers have recently discovered that connected vehicles of some major brands in the US, including Nissan, Honda, Infiniti and Acura, are still vulnerable to remote attacks. Security testers demonstrated the ease with which a hacker can gain unauthorised access to the car. Just by knowing the vehicle identification number (VIN) of the car, hackers can easily gain access to the car and manipulate it. They can run the car’s commands remotely including locating, unlocking, starting the car, running the headlights, and making mischief with the car horn. While affected carmakers have rolled out patches since to address these flaws, they are always in a constant battle to stay one step ahead of hackers.
As the automotive industry heads towards a more autonomous future, these risks will only increase with the growing reliance on apps and connectivity. So it is important the industry works hand-in-hand with smartphone makers and app developers to regulate connectivity and improve safety and security. Failure to cope with these risks may affect not just consumer privacy and confidence, but — more importantly — consumer safety as well.