Back in the day, your average car thief busted into your car with a coat hanger or a baseball bat, hotwired your ignition and drove away. Your lines of defense were simple: use a steering wheel locking device, lock your car and hope for the best. That was then. Today, the same technology that lets you ask your car how to find the nearest pizza parlor or listen to tunes on SiriusXM also creates an inroad for hackers — giving you and your car insurance company something new to worry about.
How soon before the geek down the street becomes a cyber auto thief? Soon enough that auto manufacturers, scientists and insurance companies are hard at work to prevent the potential from becoming a reality.
According to the article Auto Hacking Seen as Growing Risk with Electronic Frenzy, which appeared on Bloomberg.com last month, there is growing concern that tech-savvy car thieves could “exploit security weaknesses to remotely open and start a car.” The operative word is tech-savvy. Apparently it took a team of UC San Diego researchers more than a year to hack into a car. In short, it takes a lot of effort, money and time to hack a car.
But, where there’s a will and a profit motive, you can pretty much depend on the crooks figuring out a faster, easier way to access your car digitally. As manufacturers continue to put increasingly wired vehicles on the road, our cars will become as vulnerable to malicious invasions as our computers and smartphones. If there’s a weakness in your wireless network or Bluetooth driver, count on some bright bad guy compromising it. In other words, while you’re checking your email on your car’s integrated cell phone, a hacker could be taking control of your car’s electronic brain. A Car & Driver article published last year identified these highly hack-able points on your car:
- The telematics system (like OnStar)
- The OBD-II port where all your car’s electronic systems interface
- The power locks on your door
- The wireless key fob
- The MP3 player
According to The Evita Project, a study to design secure automotive hardware published in Germany in 2009, once your car’s security is breached, hackers can wreak havoc by:
- Stealing the vehicle or something in it
- Circumventing restrictions in hardware or software functionality (manufacturer updates, for example); Manipulating financially, legally or warranty-relevant components like chip tuning;
- Violate your privacy or misuse your external communications
- Harm you or your passengers
- Co-opt your vehicle’s VIN
Currently, car networks don’t have really high levels of security. However, automakers aren’t ignoring the threat. Over the past couple of years, OnStar has reportedly taken significant steps to beef up the security on its telematics system. Elsewhere, people in both the public and private sectors are addressing the problem. For example, the US Council for Automotive Research is working on enhancing cyber-security engineering standards.