Upcoming Cyber Security Threats Part 5: Hackers Controlling Your Car

Car dashboard computer displayDo you wonder what future cyber security threats the cyber crooks are working on to steal our money, through our computer use? According to Computerworld, the cybercriminal list of law-breaking hacking includes:

– text-message malware
– hacking into smart grids
– social network account spoofing
cyber stalking
hackers controlling your car
– GPS jamming and spoofing.

My thoughts on this list are that the threats are plausible (at least one has already begun), the targets are available (or will be), and there is money to be made for the cybercriminal organizations that sponsor these threats. But what really grabs my attention about these future threats is that their development will require resources such as funding, expert programmers, and intelligence, that would mirror the investment in research and development of top corporations. And is easily affordable by the cybercrime organizations because of the large amounts of money they have amassed in recent years…our money.

These six threats will each be addressed in a series of articles on this blog continuing with hackers controlling your car in this post.

We are entering a period of what the automobile industry has termed the “connected car”, one with wireless connectivity to: the Internet, their own Wi-Fi home network, as well as streaming high-definition movies from Internet sites. This “connected” capability will be powered by 3G network access, an onboard Wi-Fi router, and a computer at least as powerful as you use at home…probably more powerful.

For those of us that have been around computer security for a while, I have to say that this scenario is another opportunity for hackers to cause problems. The threat we’re concerned about is that the hacker can use the “connectivity” to take control of the vehicle’s onboard computer, which is also used to control the engine speed, the braking system, and the door locking system.

“While no real-world exploits are known to have happened, security researchers from the University of California, San Diego, and the University of Washington have hacked into the computers of several late-model cars and remotely disabled the brakes, altered the speedometer reading, turned off the engine, locked passengers into the car and more.

The research team’s initial tests relied on plugging a laptop into the car’s diagnostic system, but later tests identified other entry points for an attack, including the cars’ Bluetooth and cellular connections. More wireless communications in future cars will create even more attack vectors.”

However, it’s a very short step for the hacker to access the vehicle’s onboard computer remotely, especially with all the connectivity the “connected” vehicles will have available.

Vehicle manufacturers in the US are aware of this potential and are working on the development of strong encryption for vehicle-to-vehicle and vehicle-to-communications infrastructure (Wi-Fi access points, etc.) to avoid, or at least delay the hacker’s ability to control the vehicle’s computer. The US Department of Transportation also plans to test the new vehicles to make sure they’re hacker-resistant (whatever that means).

If you’re planning on buying one of these “connected” cars in the future, the Ford Edge is one of the first, be aware of this threat and find out if the above mentioned encryption has been put in place, or if any security mitigation has been implemented to thwart this possible hacking scenario. If you need help deciphering their answer, ask a technical support person to help, look for articles on the subject on the Internet, and call the vehicle manufacturer to get an answer. Then, if it hasn’t been done, I’d wait until it has been properly installed and running for a while before I’d buy one.

Please comment on this subject; we all learn from each other when our views and opinions are shared.

Don’t miss an article. If you enter your email address in the Email Subscriptions box on the right column of this page, I’ll send you an email when a new article is posted. I don’t share your email address with anyone…no one; I hate spam too. Please share my site with your friends and family. Thanks.

Home computing is a blast…keep it safe, productive and enjoyable.

Best regards,

Paul

paulshomecomputing(at)yahoo.com

Advertisements

Leave a comment

Filed under Internet, security

What do you think?

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s