Saturday, December 19, 2015

Car Hacking: Are You At Risk?

There is an old cliché that goes, “they don’t make them like they used to.” With the pronounced computerization of contemporary cars in mind, that adage certainly stands tall. More than 50 percent of vehicles sold this year connect to the Internet in one or more ways, and it is predicted by 2025, every car will be connected in multiple ways.

That brings up the issue of car hacking. Is this next generation of Internet capable vehicles safe? Could somebody get your personal information and change the settings on your vehicle?

According to a NetQuote Study, Fiat-Chrysler Automobiles (FCA) did a test on certain Jeeps of which the driver’s controls – climate, radio, and accelerator – were all overridden by FCA’s own tech-savvy individuals. That led to the recall of 1.4 million vehicles equipped with the optional Uconnect 8.4 inch touchscreen for 2013-15 vehicles. Keep in mind this was done by FCA themselves and not a malicious, third-party criminal hacker.

To clarify, Uconnect is a hands-free communication system that utilizes Bluetooth technology. It provides short-range wireless communication between the customer’s compatible cell phone and the vehicle’s on-board receiver, no matter where the cellular telephone is stored – be it purse, pocket, or briefcase. It features voice command dialing and can communicate in three languages.

Their resolution to prevent further attacks was to design a software fix that could be sent to owners of these affected vehicles via a USB drive. However, FCA is not the only company facing this technological trial.

BMW recently did an experiment where they tested the potential hazards and risks of connected cars. BMW and their other divisions, Rolls-Royce and MINI, were all subjected to hacking through the ConnectedDrive feature. This built-in tech allows authorized operators, with a mobile device, to lock/unlock doors and access environmental, navigational, and entertainment systems inside the car. This technically would make it easier for hackers or attackers to unlock doors on these vehicles and wreak havoc.

BMW stated they have already patched the issue by encrypting the wireless communications inside the vehicle to prevent further compromise. In other words, encrypting covers up the important digital information and sort of puts things in a “digital envelope,” to make an analogy.

BMW ConnectedDrive

In the past few years, a number of mainstream cars have switched from traditional, metal keys to something like “smartkeys,” although no manufacturer uses that term. Automakers like Honda have been offering key fobs on American market EX models and above, although the lower two trim levels still have traditional keys.

Even the Civic, a bread and butter car, known for economy, uses a fob style key.

The New York Times recently wrote about digital break-ins with key-fobbed cars.

Their report said car thieves were able to do this by using something called a “power amplifier.” The power amplifier was used to open remote keyless entry systems very easily by expanding the area of which the key signal wirelessly calls out – as there is a typical range where the fob can completely send a signal to the car. This amplifier increases the range so that an undesirable person could get into a car farther away than the standard 30 feet or so.

In the study, researchers suggested that a safe place to store keys was in the freezer. The information allegedly cannot be obtained by hackers in a freezer. No kidding!? I could see myself grabbing some ice cream every time I run to the freezer to get my car keys! I’d be running to school with the leftovers of an ice cream sandwich every day.

Plus, would the electronic key fob still be able to do its job when you need it? “Oh sorry boss, I’ll be late because my fob is frozen. Yeah, sorry, I can’t make that important sales meeting.” Am I going to have to buy Norton Antivirus automotive edition just so I can drive my car without some bored, computer science, college dropout changing the station on my Sirius radio?

I can see these hypothetical situations becoming, well, not so hypothetical.

Uconnect_Access_Smartphone_App

Eric Mayne, an FCA spokesperson, insists there is no reason to question the Uconnect feature.

“I would argue that there is not an issue at hand,” Mayne said about the self-test hacking situation. “It has been without a real-world incident since 2012.”

While I do think this technology might concern customers new to it, I also think it will get better. Once any potential bugs are smoothed out, the Uconnect system, its successors, and similar technologists make a great addition to cars.

When you’re wondering where the good places are to eat nearby or what’s showing at the local the cinema, it’s a nice feature. And to FCA’s credit and for other automakers too, unless a person has criminal intent, only customers can lock, unlock, and remotely start their vehicles.

However, a few members of the United States government have gotten involved.

U.S. Senators Ed Markey (D-Massachusetts) and Richard Blumenthal (D-Connecticut) are working on a bill to raise the standards for all internet-connected vehicles. According to NetQuote, the three major points of the bill are:

  1. Requires the National Highway Traffic and Safety Administration (NHTSA) and the Federal Trade Commission (FTC) to set security standards isolating critical software systems from the rest of a vehicle’s internal network. Extra testing is required for on-board systems so they can accurately detect and respond to malicious commands on the car’s network;
  2. NHTSA and FTC must set privacy standards, requiring automakers to inform people of how they collect data from vehicles they sell, letting drivers opt out of that data collection, and restricting how the information can be used for marketing;
  3. Requires manufacturers to display window stickers on new cars that rank their security and privacy protections.

The technology is newer, but it can still please customers, and ones especially who enjoy things such as tablets, smartphones, and the like. The automotive world not only has changed, but is in a process of continual evolution through science, research, development, and in this case, government intervention. This is one such aspect of that evolution that might be, despite the risks, for the better.

Are you worried your car could be hacked? 

The infographic below from NetQuote explains more of the risks associated with the connected car.

*Zach Filtz is an English/Journalism student at California University of PA and a junior contributor for Automoblog.net. He is a car enthusiast and movie buff.

Car Computer Hacking | Risks of Internet-Connected Cars (Infographic)



from Automoblog.net http://www.automoblog.net/2015/12/19/car-hacking-risk/
via IFTTT
from Tumblr http://peternpalmer.tumblr.com/post/135523087536
via IFTTT

No comments:

Post a Comment