Cybersecurity for Cars

by: Ursula Nizalowski

In the Twenty-First Century, our daily lives are intertwined with computers and similar devices. The same is true of today’s cars. They now have sophisticated software in addition to metal parts and wires. This software has made cars more safe by monitoring things like braking and steering. However, there’s a considerable risk that the car might get hacked. In fact, 1.4 million vehicles were recalled by Fiat Chrysler in 2015. Security researchers demonstrated “it was possible for hackers to control a Jeep Cherokee remotely, using the car’s entertainment system which connected to the mobile data network” according to the BBC News. So, it’s important to consider cybersecurity for cars like yours. 

What Can Hackers Do

Physical Attacks

1) Install New Software

A modern car “has more than 100 microprocessors, 50 electronic control units, and 100 million lines of software code” says the Center for Advanced Automotive Technology, or CAAT.

So, it basically functions like a computer. A hacker can directly access the car’s software in-person. For instance, they can install “hardware or software” into the vehicle while it’s being repaired “that easily gives them control” of the vehicle at a later point as claimed by Hashed Out.

2) Infect Car with Malware

Another in-person tactic that a hackers use to gain access to a car’s software is to cover their attack with a medium of sorts. Such mediums involve a USB drive that uploads malware into the computer. This make its vulnerable for takeover. Hackers can trick car owners into plugging a malware-infected MP3 player into the vehicle’s stereo system.  

Wireless Attacks

1) Use Wi-Fi/GPS to Access Car System

Most modern cars are connected to the Wi-Fi and GPS-related systems. So, a well-equipped hacker doesn’t need to physically access a vehicle to gain control of it. They can do it from a distance through the car’s internet connection or radio transmitters. These allow them to start cars up on their own or even mess with the car’s safety features.  These sabotages can lead to accidents. Additionally, they can steal “Any information you have uploaded into your cars system” and sell it according to Reader’s Digest.

2) Exploit Sensors

Modern cars are now equipped with sensors that can make 3D maps of the area around them in order to determine the safest maneuvering. But since the electronic pulses that the sensors make are not “encoded or encrypted,” IEEE Spectrum magazine claims they are vulnerable to being attacked. Security Innovation scientist Jonathan Petit demostrated this by tampering with an IBEO Lux sensor to make “the illusion of a fake car”. A smart car can be rendered useless as a result.

Cybersecurity for Cars

How To Protect Vehicle Software

Cybersecurity for Cars

1) Integrate Proper Systems

The threat of hackers for modern vehicles is growing. However, there are some solutions that can decrease the risk for one’s own vehicle. For example, having a good firewall can help identify and report remote threats to the car’s system. Upgrade your system. This makes it harder for hackers to attack in the first place.

2) Protect all connected devices

Since today’s cars can be connected to electronic devices such as smartphones, a hacker can use one’s phone to cyberattack the vehicle. Thus, it’s a good idea to upgrade the software of any devices you use in your car. Make sure the software that is installed is approved by the car manufacturer. These measures make it harder for hackers to get in and it reduces their threat in general.

Users and Data

3) Authenticate Users

Limit access to your car. In other words, make sure the car’s system knows “who is communicating” and blocks “communication from unauthorized devices” Hashed Out suggests. But a much simpler solution would be to simply turn off the car’s Wi-Fi when it’s not in use since hackers can’t access devices that aren’t connected to the internet.

4) Encrypt Important Data

As is the case with computers, encrypting the data inside a car’s software is arguably the safest way to protect it from hackers. This includes hiding the car’s Wi-Fi code in a place that can’t be discovered easily, so a passing hacker can’t use it to get in. But even if the hacker was attacking the car remotely, a good encryption software can allow data to be transmitted without the risk of being tampered by uncertified devices as outlined in this proposal by software engineering student Tim Roty on Medium.

For further information on cybersecurity, or in case of hacker-related accidents, please contact attorney Rick Wagner.

Click here for Rick’s video on Cybersecurity for Cars.