• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Student360
  • About
    • Secure360
    • UMSA
  • Secure360 2022
  • For Sponsors
  • For Speakers
  • Get Involved
  • Blog
  • Nav Social Menu

    • Facebook
    • LinkedIn
    • Twitter
    • Vimeo

Secure360

Cyber attacks: Could your vehicle be next?

July 30, 2015 by Secure360 and UMSA

vehicles can now be hacked online

Copyright: Watchara Rojjanasain/123RF

 

It seems like nearly every device and object can be hacked these days—your computer, your phone, even your baby monitor—what’s next? Many are concerned with the push for vehicle tracking devices to be placed in all new cars that our cars will be the next item on hacker’s list.

Here is how hackers can access these vehicle tracking devices. What the motives are behind hacking into them? Is a threat we will need to be cautious of moving forward? You be the judge:

Vehicle tracking systems

Similar to a plane’s “black box,” many countries are pushing for automobile manufacturers to include a box in each new car that tracks the vehicle and automatically alerts emergency centers in the event of a crash. This device will relay location, time, direction of travel, scale of impact and whether or not airbags have been deployed. This tracking device shows advancements in technologies and the ability to save lives; however, it also runs the risk of insecure data and security issues.

Breaking into your car

If the automotive industry is not prepared for the risks of security with their vehicle tracking devices, we could potentially see a new trend of hacking. The bad news is there are more opportunities for hackers to break into your car’s system than just the vehicle tracking device: remote key systems, satellite radios, telematic control units, Bluetooth connection and even wireless tire-pressure monitors. Security experts call these systems “attack surfaces” and once a hacker has found their way into one system, they can likely connect to a different system in the vehicle that may control running transmission systems, engine cylinders and, in the most advanced cars, steering controls.

While we have seen huge strides in cybersecurity, the overall security on these automotive systems is still 15-20 years behind. Once hackers have entered the vehicle systems, they have the capabilities to track movements, activate built in microphones to record, unlock cars for crooks to break in and even disable your cars engine.

Just last week, a viral video and article were released: security researchers Charlie Miller and Chris Valasek demonstrated that they could hijack a vehicle over the Internet, without any dealership-installed device to ease access. The two hackers turned on the driver’s (who was a part of the test) air conditioning, turned the stereo to full blast, started the windshield wipers and fluid… and then they cut the transmission.

Taking the necessary precautions

The goal of security researcher’s Miller and Valasek was to raise awareness to the automotive industry of the potential risks that will arise with incorporating automobiles into the Internet of Things movement. Cybersecurity is a serious issue for every industry, including the automotive industry, and the next step is for manufacturers and companies to be taking the steps to reduce risk by building security systems at the earliest phases of design.

Now for the good news: Car manufacturers and security experts are taking these automotive risks seriously. As of now, these hacks are still difficult to pull off, which will allow time for manufacturers to focus on preventing attacks in future and current vehicles.

In the meantime, there are steps individuals can take to ensure their cars remain safe. Unknown or unscreened devices should not be plugged into car’s USB or diagnostic ports. Only use a mechanic that you trust, as these can be potential opportunities for malware to be installed. Finally, locate your vehicle’s OBD-II port (usually located under the dash on the driver’s side) and familiarize yourself with it – if you ever notice anything unfamiliar plugged into it or it looks like it has been tampered with, take your car into the dealership immediately.

Filed Under: Physical Security, Cybersecurity

About Secure360 and UMSA

The Secure360 and UMSA team is made up of professionals in the security and risk management industries. Topics of expertise range from physical security, IT, risk management, cybersecurity, cloud, information security and records management.

Reader Interactions

Comments

  1. Mark says

    November 4, 2015 at 11:20 pm

    There are more opportunities for hackers to break into your car’s system than just the vehicle tracking device: remote key systems, satellite radios.

    Reply
  2. MackD says

    May 31, 2016 at 12:57 pm

    With a 25 yr old non-electronic wingdings and gizmos car, I’m not worried about it.

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Categories

  • Uncategorized
  • Guest Posts
  • Business Continuity Management
  • News and Events
  • Physical Security
  • Cybersecurity
  • Professional Development
  • Risk and Compliance

latest tweets

  1. Bryghtpath LLC
    Bryghtpath LLC: Bryghtpath CEO @bryanstrawser presented last week at the @Secure360 Conference on "Navigating the Ransomware Challe… https://t.co/iXa3JeRKNN
    about 10 hours ago

  2. Scott Sutherland
    Scott Sutherland: For those who missed it, here's a video of the "Building Ransomware Detections" presentation I gave @Secure360 last… https://t.co/DkjNZnCfRw
    about 17 hours ago

  3. 🟣Tyler Cohen Wood
    🟣Tyler Cohen Wood: @HaroldSinnott @Secure360 Thank you, @HaroldSinnott!
    about 1 day ago

Footer

Contact

For more information about UMSA events, contact: Marie Strawser

Email List Signup

Join our email list for monthly Secure360 news and updates!




Join our tradeshow email list for updates on sponsorship opportunities and upcoming exhibitor deadlines.

Sponsored by:
© 2022 Secure360. All rights reserved.