Hackers Take Over Outlander PHEV

Hackers Take Over Outlander PHEV

It’s funny how security plays a part in almost every aspect of our lives, including the “next big thing” in automotive: the connected car.

You asked for it, so car and tech companies are meshing together as one to create auto internet connectivity within the newest vehicles hitting the road. New cars are releasing with their own LTE modems and enabling remote apps for vehicle diagnostics or unlocking doors from the comfort of a phone or smartwatch.

But as we all know, anything that is connected to the internet, can and will be hacked. PenTestPartners proved that sentiment by hacking the Mitsubishi Outlander PHEV.

The Outlander allows you to access its remote functions by connecting to the car’s own Wi-Fi network. A Wi-Fi network that Mitsubishi did a really bad job at securing, according to PenTestPartners.

The firm bought their own Outlander to investigate the car’s security after releasing that the mobile app connected differently to the car than they had seen before. They found the pre-shared key easily crackable and the default SSID too formulaic. Once connected to a vehicle, one can play with the lights, or climate control, but the researchers discovered they could lock or unlock the doors remotely, and perhaps more seriously, they are able to turn off the car’s alarm.

PenTestPartners said they contacted Mitsubishi about the security hole. They said their findings were “greeted with disinterest.”

About the Author

Sydny Shepard is the Executive Editor of Campus Security & Life Safety.

Featured

New Products

  • Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

    Connect ONE®

    Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

  • Automatic Systems V07

    Automatic Systems V07

    Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file.

  • PE80 Series

    PE80 Series by SARGENT / ED4000/PED5000 Series by Corbin Russwin

    ASSA ABLOY, a global leader in access solutions, has announced the launch of two next generation exit devices from long-standing leaders in the premium exit device market: the PE80 Series by SARGENT and the PED4000/PED5000 Series by Corbin Russwin. These new exit devices boast industry-first features that are specifically designed to provide enhanced safety, security and convenience, setting new standards for exit solutions. The SARGENT PE80 and Corbin Russwin PED4000/PED5000 Series exit devices are engineered to meet the ever-evolving needs of modern buildings. Featuring the high strength, security and durability that ASSA ABLOY is known for, the new exit devices deliver several innovative, industry-first features in addition to elegant design finishes for every opening.