A new report details several ways ill-willed individuals can manipulate today's automobiles.
Two hackers and a journalist made headlines last year after demonstrating how easy it can be for someone to take control of your car remotely.
But that’s just one of several ways technology-equipped cars can be manipulated by ill-willed individuals, according to a recent report from cyber-security company FireEye.
The report — titled “Connected Cars: The Open Road for Hackers” — notes today’s average car has:
- About 70 electronic control units, or ECUs, which control steering, braking and acceleration
- Several networks, such as Wi-Fi and 4G
- The potential for gigabytes of digital storage
The report continues:
In a practical sense, a modern automobile is comparable to a modern computer network … As more vehicles are connected to the Internet with other services that all demand greater bandwidth, the possibilities for compromise and hijacking will also rise.
In addition to manipulating a car’s operation, FireEye’s report details several ways a vehicle can be compromised or hijacked. FireEye says the following are either most likely to happen, or to have the highest impact:
- Gaining unauthorized physical access to cars: This threat entails attackers entering a car by exploiting vulnerabilities in connectivity technologies. It stems from physical ignition systems being replaced with keyless systems that rely on mobile phone apps or wireless key fobs. According to the report, attackers who get into cars without permission usually do so by exploiting the wireless communications between the car and the driver’s key fob.
- Stealing personally identifiable information (PII): “Modern vehicles collect significant amounts of PII in the course of their operation in order to interface with the myriad of after-market devices that communicate with the vehicle’s operating system,” the report states.
- Extorting victims through ransomware: This threat entails an attacker rendering a car’s ECUs inoperable, leaving the car effectively useless until the person or business that owns it pays a ransom to regain control. While this threat might sound especially scary — and FireEye considers it high-impact — the company considers the likelihood of it happening to be low.
Do you worry about your car’s technologies making it more vulnerable? Share your thoughts below or in our Forums. It’s the place where you can speak your mind, explore topics in-depth, and post questions and get answers.