From Car-Jacking To Car-Hacking: How Vehicles Became Targets For Cybercriminals

From Car-Jacking To Car-Hacking: How Vehicles Became Targets For Cybercriminals

As vehicles are increasingly connected to the internet, carmakers must learn to deal with a wave of new security threats.

The morning after Laura Capehorn parked her Saab 9-3 estate, all she could find of it was a car-shaped hole in the snow.

The interior designer had left the vehicle outside her mother-in-law’s house in Shepherd’s Bush, London, one evening in January 2014. By the morning it was gone, presumed stolen.

Police immediately asked to see the car’s key, and weren’t surprised to find out it was an electronic fob. They had seen an increase in tech-savvy criminals using a key-cloning system to gain entry to high-value vehicles. Once in, the thieves drive away within seconds.

“It’s shocking how easy it is to steal a car in this way,” Capehorn says. “Especially given that nearly all new cars use these sorts of keys.”
Automotive cybercrime is a burgeoning business. Some 6,000 cars and vans were stolen using this keyless entry hack last year in London alone – that’s 42% of all vehicle thefts, according to the city’s Metropolitan Police.

As cars become increasingly hi-tech, with Internet connectivity and automated parking, braking and obstacle detection, they become more vulnerable to cyber-attack – whether by people looking to steal the vehicle, harm an individual, or carry out activism.

 A recent Jeep Cherokee cyber-attack saw hackers remotely take control of a car’s steering and brakes while it was on a motorway. That put cybersecurity at the top of carmakers’ agendas. It was a controlled experiment carried out by two “white hat” hackers, and not a malicious attack. However, the potential risks were clear to see, and Jeep manufacturer Fiat Chrysler recalled 1.4 million vehicles to fix the security flaw.

continue reading >>>