Internet-car hacking vulnerabilities

The presence of Internet connectivity in automobiles is giving rise to a new generation of hacks, and along with those hacks comes a new generation of criminal possibility. You’d be forgiven for thinking that the only relationship between the Internet and your car is that time you spent this summer looking for online insurance quotes, but these days the web has bigger surprises in store for automobile owners than great rates. Thanks to what is commonly called “The Internet of Things,” hackers now have access to all types of devices that used to be secure simply because they weren’t connected to anything.

Just how bad can the problem be?

Five years ago, a dealership in Texas was the source of reports from customers that their cars were going crazy. Their horns were being triggered in the middle of the night, and when the customers tried to start their vehicles in the morning, they had been rendered inoperable. Thanks to access granted by a disgruntled employee, hackers had been able to access everything the dealership had. Most of it was fairly mundane fair by hacking standards, such as changing vehicle listings on the company’s site to high-end luxury models. However, because the dealership installed devices in their customers’ cars to ensure that they were paying on time, the hackers were also able to access the vehicles.

The problem has only gotten worse with time. Researchers testing a proof of concept using a 2015 Jeep were able to do much more. Under highway conditions, they were able to wirelessly access everything inside the Jeep. This meant they had control of anything from the volume on the stereo to the brakes and steering wheel, and they could make the vehicle do whatever they wanted. In this case, the hack was implemented by accessing a diagnostic port on the Jeep. Once the malware was installed, the hackers could do as they pleased as long as the Jeep was anywhere with wireless access.

A similar hack was also found in 2013 in the Ford Escape. As happened with the Jeeps, the hackers were able to demonstrate full control of the vehicle.

For now it appears that hackers have mostly targeted vehicles for grins, but the question remains when and just how hackers might take it too far. The issue has become so profound that the Defense Advanced Research Projects Agency, the branch of the Pentagon that’s dedicated to addressing the future of warfare, is providing grants to researchers to discover vulnerabilities and report them. While hackers have yet to have accessed automobiles without any type of direct access to the vehicle or the dealer, it’s no longer beyond the realm of possibility that one day hackers will successfully take over a car using only remote access over wireless without exploiting more direct methods.

What should you do?

Foremost, it’s important to be fully informed regarding how your vehicle might be accessed wirelessly. Individuals who are financing their rides through dealers should pay special attention, since many of the systems that are used to render leased or financed vehicle inoperable are also wirelessly accessible. Any remote shutdown system poses a risk to the security of your vehicle.

It’s also a good idea to know the reputation of the dealers and any repair shops that might have access to your car, as these people are the sources of the greatest risk of exposing your vehicle to hacking. Any time an aftermarket system is installed in your car, especially one that controls critical functions such as starting the car or turning it off, you should ask questions about the wireless accessibility that might be built into it. If your questions aren’t sufficiently addressed, then you should consider going to another shop.

The possibility of seeing your vehicle hacked can be terrifying. With the right approach, however, you can reduce the potential risks that this new generation of crime poses. If you know how to ask the right questions, you can do more to keep hacking from being a problem that you ever face while driving your vehicle.

Robert Cordray
Robert Cordray
Robert Cordray is a former business consultant and entrepreneur with over 20 years of experience and a wide variety of knowledge in multiple areas of the industry. He currently resides in the Southern California area and spends his time helping consumers and business owners alike try to be successful. When he’s not reading or writing, he’s most likely with his beautiful wife and three children.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Latest Blogs

ITB in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.