Page Loader Logo
Loading...
833-847-3280
Schedule a Call
Partner With Us

Hacking Your Car… Should you be worried?

There has been a lot of conversation about the dangers of your car being hacked since two researchers revealed the fact that they could hack into and take over a car while it was actually moving on a highway. The hack, which required the injection of malware into a vehicles entertainment center through an infected cell phone and then taking control of various automobile computer controlled functions, was released with grave concern from the public and government sectors, while the automotive sector was quite hostile to the possibility. The hack is to be discussed at next week’s Black Hat convention in Las Vegas.

Fortunately, this hack demonstrates the requirements necessary for the hack to take place and they are pretty difficult for any hacker, except the most experienced, to put into play. So I don’t think that you will see a multitude of cars under the control of hackers driving themselves off bridges, into the ocean or at 150 MPH while friends, family and children scream in fear in the back seats. Hackers need to have the right combination of an infected phone, a flaw in the computer code that can be accessed, and access to the internet to allow the hackers to take control of the car. Finally, the hacker has to have something to gain from infecting a car and unless they are holding a family hostage and extorting money, or just plain having fun watching a car go around in circles in a parking lot while its driver loses its mind, most hackers have more important and financially beneficial things to do.

These hacks take place due to the fact that cars, some of the most computerized machines (a car contains 50M lines of code on the average, while a jetliner has 14M), are now being equipped with Wi-Fi hotspots, which enable the cars to access the internet while in motion. Internet access through cell phone towers provides the hackers with access to the vehicle after it has been infected resulting in their ability to move through the computer systems that are available through the hacked system and cause havoc. Right now, it is estimated that less than 3% of the vehicles that had the Uconnect system, which was the infected infotainment system, have this capability. Expect other systems from other manufacturers to be targets of similar hacks in the future.

However, this hack also exposes some grave problems with the automobile industry that need to be addressed. Obviously, in the rush to provide the public with the greatest access and comfort (think of the Internet of Things), cyber security has not received the attention it should have in the development and testing of these products. Automobile manufacturers seem to be caught flat footed by this hack and need to ensure that they continuously test and retest their software for vulnerabilities…the liability of a death as a result of a proven hack would be enormous. It also seems that the automobile industry’s relationships with the hacking community needs to be improved as the exposure of vulnerabilities is met with somewhat understandable frustration and obfuscation, instead of welcoming the reports.

(This hack was done by “white hat” hackers who worked with the manufacturer once the hack was found.)

So, what can the average American, with their high speed computerized car do to prevent these potential hacks? First, if you are notified, as I was by Dodge, that you have a vulnerability, move quick to get your car to the dealer and get it upgraded. Next, if you don’t need your wireless hotspot, don’t enable it; this limits the ability of hackers to access your car’s entertainment system. Third, continuously scan your phone, IPAD or any device that can synch with your infotainment system for malware since that is the primary point of infection to your vehicle. Fourth, if your vehicle is not infected, take it in annually, or whenever an upgrade for your vehicle’s software is available.

Or just get a 1978 AMC Gremlin; they will never be hacked…

Latest Posts

A transparent image used for creating empty spaces in columns
Welcome to today’s briefing on a crucial topic in the realm of cybersecurity: internal network penetration testing. Now, I know that the term might sound a bit intimidating but fear not. By the end of this discussion, you’ll have a solid understanding of what it…
A transparent image used for creating empty spaces in columns
 In the world of cybersecurity, there’s a misconception that a clean pen testing report means something was missed or the test wasn’t thorough enough. But here’s the truth: receiving a clean report from your penetration test is not only a positive outcome—it’s a testament…
A transparent image used for creating empty spaces in columns
Hey there, folks! Let’s get one thing straight: when MainNerve talks about penetration testing, we’re diving deep into the world of cybersecurity. But hey, we know what people think when we say “penetration testing.” So, buckle up because we’re about to compare pen testing to…
A transparent image used for creating empty spaces in columns
 In the fast-paced world of managed IT services, we know that time is money. Your clients rely on you to keep their systems secure, and you need partners who can deliver top-notch services without slowing you down. If you’re a Managed Service Provider (MSP)…
A transparent image used for creating empty spaces in columns
The primary purpose of performing a penetration test is to simulate real-world attacks on a computer system, network, or application. This is done by skilled cybersecurity professionals, who are tasked with identifying vulnerabilities and weaknesses that malicious actors could exploit. Their role is crucial in…
A transparent image used for creating empty spaces in columns
 If your business relies on older technology, you’ll want to listen up. We’re highlighting a critical weakness in many organizations’ defenses: legacy systems. What Are Legacy Systems? Legacy systems are outdated technologies that are no longer supported with updates or patches from their creators.…
contact

Our Team

Name(Required)
This field is for validation purposes and should be left unchanged.
quick links to

Our Services

On Load
Where? .serviceMM
What? Mega Menu: Services
201 E Pikes Peak Ave Suite 2025
Colorado Springs, CO 80903