We all have heard about the term hacking. Computers are hacked and so are your phones; personal data and confidential information are taken out and even leaked at times.
What is not known to too many people is that Cars can be hacked too! Yes, you read it right. Technology has its own pros and cons and as we emerge into this new world which is full of possibilities, we have option to choose from a normal car to something which is specially designed with cutting-edge features. Whilst your car is loaded with amenities using variety of software’s to make it work. These software can control your cars and also the infotainment system. These are computers which can converse through different network and messaging protocols in the Controller area network of your vehicle to connect the engine and controlling brakes. We also have touchscreen system for usage and active synchronization for cruise control and high speed automotive communication. Also, we try and integrate our phones with the car system for easy access and wireless device connection. While we do all this, don’t you think your car is also exposed for cyber-attacks?
Hackers can easily control the electronic control unit (ECU) of your car and gain access to every bit of information or they can even control how your car moves next, be it a driven car or completely driverless. There has been demonstration which has shown on how the hackers can control your cars system from the brakes to dashboard and your wipers, they can even disable the brakes and crash your car. The major possibility of security vulnerability comes when your car is connected to internet, that’s how when anyone who knows the IP address – can easily get into the CPU system. Be it your data or your car, you can lose it within minutes from the moment your car is hacked or even bigger, your life is at risk as well when the hackers can control your car and move it in the way they want to.
The more the cars are computerized, the more they are freely open for hackers. Problem areas is that the manufacturers are making every possible shifts to create amazing cars and wants everything to be automated, which generally is thrown down to computers but one thing which they have not started is installing the same or somewhat level of security which are available on your laptops or mobile phones.
A rational attacker seeks personal profit and can attack the way he/she wants to. They can communicate through the network, as they are scattered in the system. Hackers can track the car via GPS and once they have the coordinates of the vehicle, they can insert it the data on google maps to track the movement as you travel. Your car stereo system, the AC can also be controlled remotely to terrorize anyone. Same way they can even shut down the engine of your car. With the use of latest technology, we can’t even imagine the amount of loss which a person or his/her family member can face, nor do we know with more advancement, it will be really difficult to imagine the level of hacking come in picture and hackers will take more charge of your vehicle.
The cyber-security team has been on alert and they are doing every possible bit to improve the security practises. They have created Information system and analysis centre (AUTO-ISAC) which has recommendations that can help the car manufacturer be more equipped for these issues.
Guidelines by AUTO-ISAC-
- Incident Reporting
- Collaboration and Arrangement
- Risk Management and Assessment
- Training and Awareness
- Monitoring, Analysis and Threat Detection
- Development of Security
This is a crucial step that AUTO-ISAC team has come up to fight against the automotive cyber-attacks.
There are number of ways for you to ensure that your car is safe –
Ensure you touch base with your cars manufacturer – You need to contact the manufacturer or give them your details for information or updation on the new software’s which needs to be installed
Software is timely updated – Old data might have viruses/bugs which can violate your personal data and are prone to attacks. Check for details from your manufacturer on the new version of software and install them whenever required.
Keyless remote should be safely placed somewhere which blocks the electromagnetic signals (eg. Fridge or RF cages) – Keyless remote gives signals and robbers can amplify them to break into your car. When you place them in a fridge/RF cage it blocks the signal, preventing anyone to get the door access.
Bluetooth & Wifi should be turned off when not in use – Whether you are at your home or in your car, open network has various threats. It allows hackers to gain access to available signals and connect to the entertainment system and control more than one part of the vehicle.
Wifi password should be hidden – Just like the above; anything which is open can invite attackers. Visible passwords can expose your car to threats.
USB drive needs to be scanned frequently or before using in your car – Either you use the USB drive on your computer or your car system. If it is infected, it might contain some malicious code which can compromise your cars safety system
There are more types of attacks and it might get worse than ever. The car industry and the customers both have to take a note of this and be alert on various cyber-attacks. While the automotive industry is working towards making things better, they have created a security patch which can downloaded from the manufacturer’s website and update your system. You can even do it manually or even by visiting the nearby dealer. Customers have to make themselves aware about the available security patches, which can make their cars less vulnerable. They have to take the responsibility of updating the cars electronic system on a regular basis.
Works are going on to make the security system more reliable, but as we are aware this is a hyper connected world and cyber-attacks and cyber-crime are a growing concern for business and the customers. There is a rise in demand for IT security jobs which are more specific to cyber-crime.