Alright so It is highly unlikely you car has really been hacked….so far. But the likelihood of this becoming a reality is increasing by the model. Car manufacturers now use computer software to monitor everything from gas mileage to engine efficiency to all the electronic systems. There are even programs to monitor your brakes and exhaust – and more and more systems are being ‘upgraded’ with computer monitoring that can be remotely accessed.
The initial idea is a good one. It’s nice to be able to get an email telling you when it’s time to have your oil changed, or perhaps a text message reminding you that you are low on gas. Our car is a huge investment that, depending on how it is driven and maintained, can either cost us a little extra or a ton of extra money to keep up. Most people are too busy, or simply not very good at maintaining their car, so having installed software programs to remind us when to do certain things can save a bundle. There are also programs being installed right now that will give us access to data on our personal driving habits; we can see if we are pushing our accelerator to hard for our engine or if we are breaking to hard, turning too fast etc…for our cars abilities therefore helping us drive safer and improve the life of our vehicle. All this sounds awesome until you think about it from a security standpoint.
Most all newer cars have software to control the antilock brakes, control the fuel injection system and lock or unlock our doors remotely. How far off are we from someone figuring out how to use a smartphone to unlock our cars doors and remotely start it? How about tracking where our car is so they know when we are not home?
Those are the least of our worries however. The real concern is with the braking systems and in-dash controls like speedometer (which is electronically controlled and computer monitored). Sure it isn’t very likely a malicious attack would be struck against a single individual- but all this information is accessible remotely by other computer systems set to store that information, analyze it for you and make it accessible by you. These other systems are windows into thousands, if not millions, of vehicles and their individual computer systems. One ill intended individual could therefore in theory send harmful code to all these cars at once.
Maybe its science fiction right now…but how do you feel about the possibility of a ‘denial of service’ attack on millions of breaking systems during rush hour?