Your car has been hacked!

Alright so It is highly unlikely you car has really been hacked….so far. But the likelihood of this becoming a reality is increasing by the model. Car manufacturers now use computer software to monitor everything from gas mileage to engine efficiency to all the electronic systems. There are even programs to monitor your brakes and exhaust – and more and more systems are being ‘upgraded’ with computer monitoring that can be remotely accessed.

The initial idea is a good one. It’s nice to be able to get an email telling you when it’s time to have your oil changed, or perhaps a text message reminding you that you are low on gas.  Our car is a huge investment that, depending on how it is driven and maintained, can either cost us a little extra or a ton of extra money to keep up. Most people are too busy, or simply not very good at maintaining their car, so having installed software programs to remind us when to do certain things can save a bundle. There are also programs being installed right now that will give us access to data on our personal driving habits; we can see if we are pushing our accelerator to hard for our engine or if we are breaking to hard, turning too fast etc…for our cars abilities therefore helping us drive safer and improve the life of our vehicle. All this sounds awesome until you think about it from a security standpoint.

Most all newer cars have software to control the antilock brakes, control the fuel injection system and lock or unlock our doors remotely. How far off are we from someone figuring out how to use a smartphone to unlock our cars doors and remotely start it? How about tracking where our car is so they know when we are not home?

Those are the least of our worries however. The real concern is with the braking systems and in-dash controls like speedometer (which is electronically controlled and computer monitored). Sure it isn’t very likely a malicious attack would be struck against a single individual- but all this information is accessible remotely by other computer systems  set to store that information, analyze it for you and make it accessible by you. These other systems are windows into thousands, if not millions, of vehicles and their individual computer systems.   One ill intended individual could therefore in theory send harmful code to all these cars at once.

Maybe its science fiction right now…but how do you feel about the possibility of a ‘denial of service’ attack on millions of breaking systems during rush hour?

http://www.foxbusiness.com/personal-finance/2011/09/29/new-threat-to-your-car-ticked-off-geek/

Advertisements

4 thoughts on “Your car has been hacked!

  1. Along similar lines it was recently discovered that the Ducati Diavel motorcycles use the last four digits of the VIN as the default PIN for starting the motorcycle. VIN numbers are easy to discover so you can imagine that people who don’t change they’re default PIN are going to be missing out on their motorcycle.
    http://osvdb.org/show/osvdb/75811

    • Nice. I wonder how many things like that we don’t know about. Makes me think about all the default pin numbers that are set to things like your birthdate, how many people never change those? The smart sites make you change your pin the first time you log on…but not all. I also wonder if the Ducati sales people conveniently “forget” to tell their customers about that issue so after the bike gets stolen the customer will come back to them to buy another bike.

  2. The fact that thousands of random cars can randomly stop functioning while on the road is a really terrifying thought. I think that if I do get a car that has some form of wireless communication with my phone or computer, I might disable it’s wireless capability until I actually need it (such as when I know my car has been stolen and I need to track where it is). Hopefully the car companies implementing these wireless abilities also include either GOOD security or at least the ability to override the connection with the car so only the company can see where the car is and not the thief.

    • I am sure…well..okay I am hoping, that all car manufacturers are working on security to prevent anything like that from ever happening. Normally I would say that a company would not do anything about an issue until it begins to cost them money, in this case however the liability would be off the charts. I think we can safely assume that all breaks failing to work at the same time is highly unlikely. Wireless communication on the other hand is a different story. “Hello, this is OnStar, there is a problem with your billing….”

Comments are closed.