There was a bit on the radio news the other day, where some bright spark in Pattaya was able to open locked car doors. He was making a killing at a crowded shopping center, waiting for the owner to go shopping and then opening the locked vehicle and making off with anything of value inside. When apprehended by the police, he had 12 laptops in his car, numerous phones and other items. And – his scanner which had the ability to unlock doors as a remote.
However, our not-so-successful felon had not developed something new. The sophisticated electronic systems have Congress and federal regulators worried about the potential for hackers to interfere with vehicle functions.
The report in the US says vehicles are vulnerable to hacking through wireless networks, smartphones, infotainment systems like OnStar – even a malicious CD popped into a car stereo.
Studies show hackers can get into the controls of some popular vehicles, causing them to suddenly accelerate, turn, kill the brakes, activate the horn, control the headlights, and modify the speedometer and gas gauge readings. Additional concerns came from the rise of navigation and other features that record and send location or driving history information.
The US report says that even as we are more connected than ever in our cars and trucks, our technology systems and data security remain largely unprotected. Some security measures used by automakers – ID numbers and radio frequencies – can be identified and rewritten or bypassed.
The issue could be even more important as future vehicles communicate with one another through “vehicle to vehicle” (V2V) technology to prevent crashes, but could also be at risk of hacking.
Auto engineers incorporate security solutions into vehicles from the very first stages of design and production – and security testing never stops. The industry is in the early stages of establishing a voluntary automobile industry sector information sharing and analysis center – or other comparable program – for collecting and sharing information about existing or potential cyber-related threats.
Automakers noted that the Society of Automotive Engineers has created a Vehicle Electrical System Security Committee to draft standards that help ensure electronic control system safety.
National Highway Traffic Safety Administration spokesman Gordon Trowbridge said the agency is “engaged in an intensive effort to determine potential security vulnerabilities related to new technologies and will work to ensure that manufacturers cooperate and address issues in order to keep motorists safe.”
A 2013 federal law requires NHTSA to report to Congress on this issue. NHTSA ended its public comment period on its research efforts in December as it works to complete its report.
Another study funded by the Defense Advanced Research Projects Agency found researchers could tap into vehicles’ electronic systems through a laptop computer connected by a cable. In initial tests on two 2010 vehicles from different automakers, they were able to do everything from causing the cars to accelerate and turn, to disable brakes and blow the horn.
German motorist association ADAC said in January it had discovered a security flaw that could have allowed 2.2 million BMWs, Minis and Rolls-Royces to be remotely unlocked by hackers through BMW’s “Connected Drive.” The automaker now encrypts transmissions between cellphones and cars.