Although the car industry and security companies have been aware of the risk of car hacking for years, it is still complicated to protect cars from digital burglary. A group of researchers and employees at a security company has discovered a weakness in the car’s internal network. The vulnerability lies in a protocol that is essential to the car’s functions. This weakness can be used to hack the car and has so far been overlooked by the car industry.
Cars can be hacked through their internal communication system
On August 16 the security company Trend Micro published a blog post highlighting this security risk. They have discovered vulnerability in collaboration with researchers from LinkLayer Labs and Milan Polytechnic University. The discovery is not a small or basic fault in the car’s software. There is an error in the CAN protocol that enables the car’s components to communicate and send messages and commands to each other. If an attacker exploits this error he or she can take control of the car and disable both the automated locking mechanisms and the automatic safety mechanisms.
This means, in fact, that an attacker could potentially penetrate the car and take over some absolutely essential safety features, Including airbags, anti-lock brakes and door locks. Both the security companies Argus and NNG have attempted to create burglary-proof systems that detect errors like this, but it seems to be impossible with the current technology.
Luck with hacking Jeeps and Tesla cars
Scientists have previously had success hacking a Jeep. Back in 2014 a group took control of a jeep driving a motorway. They took over the steering of the car. In China a hacker group working for Tencent has been successful in taking over the vital features of a Tesla. However, it required that the hacker already has access to the car’s network via WiFi or mobile networks or accessed the software with a gadget that can be inserted into the OBD port under the dashboard.
Car hacking in the future
The security error in the CAN protocol is not something which ordinary consumers should immediately fear. The current situation is that hackers can not take total control of the car. Most notably the analogue brakes and accelerator in most cars, cannot be controlled through this vulnerability in the protocol. The research group and the automotive industry believe that the discovery of this weakness is a step forward for the automotive industry, towards correcting mistakes before black hat hackers find out how to hack the cars. A Black Hat hacker is a hacker that breaks into computers, spreads viruses or other malware for their own sake or to hurt others. As more and more research groups and other people are employed by security companies to make preventive hacks, there is an increasing tendency to distinguish between black hat hackers and the other group called white hat hackers.
Apart from car theft through the locking systems black hat hackers have not tried to hack cars yet. Only researchers and hackers that are employed by security companies have made this type of hack. You should not fear that hackers are trying to hijack your car as one the research team did. However, it is a scenario you can fear in the future because cars are becoming more and more automated. This means that car hacking can be a real threat if the car and security industry does not move faster than hacker groups.
You need to protect your computer now
In the future, we will have to pay more attention to the risk of viruses, malware and spyware in our cars. Here and now the biggest security threat in terms of these types of software are our private computers. Unlike our cars, it is already possible for hackers to take control of our computers, steal private documents and photos and access our passwords. You can secure yourself against attacks by using Anti Explorator which is always at the forefront of antispyware and antimalware development.