Vehicles’ electronic systems are vulnerable to hacking attacks because security has not been a priority
In the face of tumbling car crime figures in the UK, McAfee is predicting that increasing use of technology in cars is likely to make them more vulnerable rather than more secure.
Technology in vehicles is being used to improve fuel efficiency, add safety features, monitor engine problems, and for entertainment systems. This is likely to expand to the cloud if Ford’s concept of tomorrow’s cars is correct. Ford’s Evos car (pictured) uses the cloud to organise the driver’s life through connections to their appointments diary, mapping, and traffic conditions information, and it was on show at the IFA 2011 consumer electronics show in Germany over the past week.
Security Problems Waiting To Be Exploited
Embedded processors are found in most parts of the latest cars to allow electronic maintenance or to power anti-theft and entertainment systems. Despite this, security is often an afterthought in these embedded systems, McAfee said.
Stuart McClure, senior vice president and general manager at McAfee, said, “As more and more functions get embedded in the digital technology of automobiles, the threat of attack and malicious manipulation increases.”
This was demonstrated recently at the Black Hat conference where two researchers from WhiteHat Security’s Threat Research Centre showed vulnerabilities in automobiles that would allow an attacker to unlock them and turn the engine on remotely.
“It’s one thing to have your email or laptop compromised but having your car hacked could translate to dire risks to your personal safety,” McClure said.
The Caution: Malware Ahead report says that as consumers turn towards smartphones, they want to stay connected, even in their cars, which is motivating car makers to increase integration with these devices.
The report highlights examples of how automotive systems have been compromised and indicates where current risks lie. Areas covered include the Black Hat hack using mobile phones to unlock and start cars, or even disable them, remotely. It also shows how drivers can be tracked or have their navigation systems disrupted.
All of this could reverse the trend that has seen car theft drop from 1.1 million a year in 1997 to 456,000 in 2010, according to police figures.