Cars are getting smarter every year. Most new car models come with everything from built-in Wi-Fi to the ability to stream your Netflix account directly from the vehicle’s entertainment system.
While this connectivity is increasing convenience and comfort, it is also creating vulnerability. These connected vehicles are at risk of being hacked, even though car manufacturers are trying to downplay the threats.
Who is at risk, and how can drivers make their cars hack-proof?
Car Hacks in the News
Car hacking hasn’t put driver’s lives in danger — yet — but that doesn’t mean it’s not happening. The most shocking was a demonstration by Charlie Miller and Chris Valasek, two hackers who discovered a vulnerability in Jeep’s firmware that allowed them to take control of the car, including everything from the radio and climate control to the steering and transmission systems.
During the demonstration, they were able to take control of a Jeep being driven by a writer from Wired and eventually shut down the car entirely, while the driver had no power.
This is the most dramatic example of car hacking, but even if hackers aren’t taking control of cars on the road, they’re still making life harder for car owners. One London resident lost his new Volvo not once but twice — a device allowed the hacker to clone the car’s key fob signal, which also controls the vehicle’s keyless start system, and drive away without ever setting off an alarm.
This same vulnerability exists in nearly every make and model of car that relies on keyless start and a key fob for entry. A hacker can clone the fob’s signal, be in the car and driving away in less than a minute.
Hacking and Autonomous Vehicles
Current cars aren’t the only ones that are vulnerable to this style of automotive hacking. As more and more self-driving vehicles start hitting the streets, these vehicles could also be hacked. As autonomous vehicles begin to evolve and we reach level five autonomy — which is a car that can drive itself and may not be equipped with a steering wheel and pedals for the driver — the risk of these hacks raises even more questions.
Who would be responsible in the event of a hacking related accident in an autonomous vehicle? Is it the driver, who had no control over the car, either due to the hacker or the fact that the car wasn’t designed to be driven by a human being? Or would it be the responsibility of the hacker or even the car manufacturer?
It’s questions like these that perfectly illustrate why we can’t afford to downplay the risk of automotive hacking.
Creating a Hack-Proof Car
Manufacturers need to be proactive, not reactive, when it comes to network security. In the case of the Jeep demonstration we mentioned earlier, the company responded immediately by shipping a firmware update on a flash drive to all affected owners so they could update their car’s software and close the back door that allowed the two hackers to take control of a vehicle remotely. They also recalled 1.4 million affected models.
Car owners can take some steps to help prevent hackers from being able to take over their vehicles:
- Update Your Car’s Software: Keep your car’s software up to date. An out-of-date system is more vulnerable to hacks — look at the WannaCry ransomware attack that crippled the UK’s National Health Service. The virus was able to take hold because the offices affected were using an old and out-of-date operating system.
- Keep Wi-Fi Off: When you’re not using the BlueTooth or Wi-Fi in your car, make sure to shut them off. An open signal, even one that is password protected, is an invitation to hackers.
- Strategically Store Your Fob: When the car is parked, store your key fob in a Faraday Bag, or even in the freezer. This will keep tech-savvy car thieves from being able to clone the fob’s signal and unlock or start your car.
- Set Your Own Password: Finally, just like any other password, it’s essential to protect your car’s Wi-Fi password and to change it from the default password that it was set to when the car was delivered. If you have a hard time remembering your car’s password, keep a note of it in your wallet or your home — not in the car.
Car hacking isn’t just something you see in the movies anymore. As cars get smarter, it is quickly becoming a reality, and it’s important for both manufacturers and car owners to address this threat directly. We can’t afford to downplay the potential risks here — as cars continue to advance, it could become a threat to human life.