Hacking Vehicles for a Joy Ride

Hacking Vehicles for a Joy Ride

Imagine parking your Saab 9-3 in front of your mother-in-law’s home and coming out a few hours later, only to find it gone…vanished…disappeared. This is exactly what happened to an interior designer in London. The police immediately asked to see the car’s key and weren’t surprised when they saw it was an electronic fob. Tech-savvy criminals are using key-cloning systems to gain entry to vehicles, and once in, the thief simply drives away.

Vehicle theft is big business, with approximately 6,000 cars and vans stolen using a keyless-entry hack last year in London alone and with a recent Jeep Cherokee cyberattack here in the states, hackers remotely took control of the vehicle’s steering and brakes while it was on a highway. Thank goodness it was a controlled experiment by two “white hat” hackers and not malicious, but the potential risks were clear, prompting Jeep and Fiat Chrysler to recall 1.4 million vehicles to fix the security flaw.

Japanese electronics company Hitachi predicts that by 2020, 90% of all vehicles will be connected to the Internet, so now is the time to consider some of the vulnerabilities:

Cloning electronic keys: For less than $31, people can purchase a device online that allows them to gain access to vehicle models such as BMW, Mercedes, Audi, Land Rover and Saab, plug the device into the diagnostic port and away they drive!

Solution: Add additional layers of security to the electronic key, making it more difficult to copy. Another less hi-tech recommendation: install a mechanical steering wheel lock.

Infotainment system hacking: Criminals target the Internet-connected entertainment and navigation system via a mobile phone network. Internet-connected add-ons for vehicles make them more vulnerable to cyberattacks because vehicle’s on-board telematics computers have wide-open doors, making it rather simple for tech-savvy criminals.

Solution: Firewalls and encrypted communication between entertainment systems, telematics and other critical functions is needed.

GPS spoofing: Signals that power smartphone mapping apps cam be spoofed to deliver fake or altered maps to the car’s navigation system, sending the vehicle off course. In fact, security researchers at the University of Texas were able to change the course of an $80 million super-yacht, shifting it to a potentially dangerous path, and the captain never even knew!

Solution: Human drivers can refer to paper maps, but driverless vehicles may just be out of luck since they rely heavily on satnav systems.

Image: Annopk / Shutterstock.com

About the Author

Ginger Hill is Group Social Media Manager.

  • Ahead of Current Events Ahead of Current Events

    In this episode, Ralph C. Jensen chats with Dana Barnes, president of global government at Dataminr. We talk about the evolution of Dataminr and how data software benefits business and personnel alike. Dataminr delivers the earliest warnings on high impact events and critical information far in advance of other sources, enabling faster response, more effective risk mitigation for both public and private sector organizations. Barnes recites Dataminr history and how their platform works. With so much emphasis on cybersecurity, Barnes goes into detail about his cybersecurity background and the measures Dataminr takes to ensure safe and secure implementation.

Digital Edition

  • Environmental Protection
  • Occupational Health & Safety
  • Spaces4Learning
  • Campus Security & Life Safety