Technology Newsmodern cars are very easy to hack

modern cars are very easy to hack

-


Convenience comes at a price, and hackers take advantage of it ruthlessly. Not only electric cars are affected.

On-board computers with serious capabilities work in modern cars, and as car manufacturers are cramming more and more digital devices and services into their latest models, the issue of IT security while driving is becoming more and more important – writes the Ars Technica.

Unfortunately, however, for household appliances connected to the Internet and the so-called for the Internet of Things (Internet of Things – IoT) designed devices, the IT security pedigree of car manufacturers is not very bright for now. The problem with IoT devices has been known for a long time: unfortunately, it often happens that a home appliance manufacturer procures the hardware and software required for smart functions from a third party.

Cars stuffed with more and more digital functions are easy prey for hackers (Photo: Pacific Northwest National Laboratory)
Cars stuffed with more and more digital functions are easy prey for hackers (Photo: Pacific Northwest National Laboratory)

In such cases, cost efficiency comes to the fore, i.e., in the hope of maximizing profit, manufacturers try to get away with installing new parts as cheaply as possible. The price of this, however, is that often out-of-date solutions laden with security holes end up in hundreds of thousands of smart gadgets. And hacking them is child’s play: the extent of the problem is perfectly exemplified by the fact that there is also a search engine that specifically lists such poorly secured IoT devices, and hacking the devices now requires almost no IT knowledge, as this task can already be solved with user-friendly target software .

The situation is similar with cars, with the difference that, while anyone can choose not to buy a smart refrigerator or washing machine for their home, the situation is no longer so simple when buying a car. Vehicles connected to the Internet are in English connected vehicles is described with the term, and this can cover many things. It is conceivable that a car has a media player suitable for receiving Internet radio broadcasts, but the use of technologies such as Wi-Fi, Bluetooth, and NFC is no stranger to the automotive industry. Moreover, the hacker attacks nor are they completely new: two researchers already demonstrated how they know in 2015 take control of a Jeep Cherokee. During the hacker attack, the vehicle’s braking system was simply disabled via the Uconnect on-board infotainment system. Our sister paper, PCWorld, wrote in 2016 that it can be stolen in a few minutes with a laptop a modern car.

When buying a car, there are few people who look at how secure the IT system of the given vehicle is. However, even if someone were to avoid cars with an Internet connection, it is not certain that they can do so at all: in the European Union, for example, it has been mandatory for some time for new cars to be equipped with the with eCall alarm systemwhich can automatically notify the 112 emergency number if the vehicle has an accident.

Internet-connected cars can be stopped by an attacker even while driving (Photo: Lawrence Berkeley National Laboratory)
Internet-connected cars can be stopped by an attacker even while driving (Photo: Lawrence Berkeley National Laboratory)

One would think, seeing articles from 7-8 years ago, that IT security had already been strengthened by car manufacturers. That’s probably why he took it on Sam Curry IT security researcher to examine the IT security of a range of car manufacturers’ models at the end of 2022. The specialist did not do half the work: 16 car brands (Who the, HondaInfiniti, NissanAcura, Mercedes-Benz, HyundaiGenesis, BMW, Rolls-RoyceFerrari, Ford, Porsche, Toyota, Jaguar, Land Rover) and 3 on-board systems (Spireon, Reviver and the SiriusXM satellite radio provider) examined the vulnerabilities. The result is alarming: Curry found exploitable security holes almost everywhere.

My colleagues and I realized that cars manufactured in the last 5 years have a roughly similar set of features. If an attacker discovers the security holes […] you can activate the horn, the headlights, follow the car’s position, open or close the doors, and even start or stop the engine, all remotely

Sam Curry said.

During the experiment, they found cars where it was enough to know the chassis number, and it was already possible to start the engine, open and close the cars or just follow the vehicle’s position. With some manufacturers, they were also able to access the owner’s online user account, but there were also cars whose cameras the hackers were able to operate.

Even more frightening is the case of Spireon, developer of the popular LoJack tracking system in the United States, where hackers were able to gain full administrative privileges, potentially sending commands to 15.5 million cars, including opening and closing the doors or starting the engine. However, Curry also revealed that they could have accessed the police cars of an American state by exploiting the security hole.

We wrote about it last October Digital license plates have been approved in California – Sam Curry managed to hack this system as well. After obtaining administrative rights, he was able to modify the content of any e-ink license plate, but he was also able to track the position of individual vehicles.

Thanks to Curry’s investigation, the affected automakers have begun to patch the security holes, but that’s scant comfort for owners and car buyers, who currently have few options when it comes to IT security. That’s the solution IT security classification of cars would mean, however, this standard does not yet exist.

We still have a lot to tell you, you can find everything interesting here!

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest news

all about the upcoming Redmi Band 2

The new generation of the Redmi smart bracelet will be presented very soon, and we already know its...

கடந்த காலத்தை குறியீடாக்குதல் – மர்மமான மாபெரும் அழிந்துபோன கடல் ஊர்வன கல்லறையின் தோற்றத்தை விஞ்ஞானிகள் கண்டுபிடித்துள்ளனர்

இக்தியோசர் இனத்தின் வயது வந்தோர் மற்றும் இளம் பருவத்தினர் ஷோனிசரஸ் பிரபலமானது 230 மில்லியன் ஆண்டுகளுக்கு முன்பு அம்மோனாய்டு இரையைத் துரத்தியது, இப்போது பெர்லின்-இக்தியோசர்...

Canonical has announced the availability of Ubuntu Pro subscriptions. What does this mean for regular users of this distro?

Canonical announced this morning that their Ubuntu Pro subscription service has been promoted from beta to general availability...

Hive Ransomware Infrastructure Seized in Joint International Law Enforcement Effort

Jan 26, 2023Ravie LakshmananEncryption / Ransomware The infrastructure associated with the Hive ransomware-as-a-service (RaaS) operation has been seized as...

Hive Ransomware Infrastructure Seized in Joint International Law Enforcement Effort

Jan 26, 2023Ravie LakshmananEncryption / Ransomware The infrastructure associated with the Hive ransomware-as-a-service (RaaS) operation has been seized as...

Elite IT bachelor’s degree program starts at a domestic university

From artificial intelligence to digital molecular medical biology, students can acquire up-to-date knowledge and an internationally valuable diploma. ...

Must read

Where To Watch Candyman 2021

Candyman (2021) is a supernatural slasher film directed...