The phrase ‘Internet of things’ has been used widely over the past few years, referring to the increasing connectivity of everyday items. With vehicles nowadays routinely computerised and rapidly joining the list of online objects, there have been reports in the media warning of the threats posed to connected vehicles. But can your car really be hacked? And if so, what can you do to keep attackers out?
The Age of Connected Vehicles
With car manufacturers turning their efforts to producing connected vehicles (those which have internet access and often their own internal wireless networks), there is an emerging concern that their connectivity leaves them open to attacks.
The operating systems in question generally use Google’s Android Auto, Apple’s CarPlay, or both. The similarities to existing mobile device operating systems mean that hackers have already had time to get used to how they work, and find ways to break into them.
Last year, a group of researchers managed to remotely take control of one of their Jeeps, leading the company to recall over 1 million cars. And back in 2013, members of a security firm used a laptop to take control of a Ford Escape. They were able to change the readings of the fuel indicator and speedometer, sound the horn, even control the steering and deactivate the brakes. Although they had to directly plug into the car’s data port to achieve this, they expressed that hackers would soon be able to do this remotely. Part of the reason for this is that, as wireless functions within vehicles increase, so do possible ways to gain unauthorised access.
Perhaps the closest thing to a real attack was an incident that occurred in Texas when an ex-employee of a car sales centre managed to take control of their remote immobilisation system. Over 100 cars were either disabled or had their horns sounded repeatedly. However, the attacker already had access to the system, and it was not because of vulnerabilities in the vehicles.
The FBI has responded to concerns by issuing a statement with advice. As with a home computer, you should always make sure your car’s software is kept up to date so that any known security flaws can be fixed. Be aware of any recalls, and be cautious of unauthorised changes to your vehicle. Try to avoid connecting any non-secure devices to the car’s network.
Commonly, cyber-attacks begin with phishing emails, and car hacks would likely be no different. It is important to exercise caution with suspicious messages. You should also try to learn about the wireless systems in your car. Lastly, only buy vehicles from reputable dealers, as it is possible that network devices could be tampered with.
Malware attacks against computers are generally financially motivated, and there isn’t currently a financial incentive to hack cars. Remember that successful hacking attempts might sound terrifying, but so far they have been an important part of finding security loopholes and ensuring malicious attackers are kept out.