As we are heading towards the era of smart and connected cars, the possible risk of hacking of personal transport is also on the rise.
New age automobiles are getting high-end features where third-party developers are offering ways to turn smartphones into vehicular remote controls. This allows car owners to locate, lock, and unlock their cars by just using their smartphones.
All of this sounds like something out of the space age, but this is a huge a problem. Smartphones can be hacked, and anything connected to your smartphone is at an equal risk. Researchers from security firm Kaspersky have found that some of the apps that offer control of your vehicle lack basic software defenses. By rooting or tricking a user into installing malicious code hackers can use any of the apps. Kaspersky tested this and managed to locate a car, unlock it, and in some cases even turn on the ignition.
Kasersky has not mentioned the apps but has said that their research should be enough to warn app developers as well as ‘smart’ car owners about the threats. “Why don’t connected car application developers care about security as much as the developers of banking applications? They’re also controlling very valuable things for the user, but they’re not thinking about security mechanisms,” says Kaspersky researcher Viktor Chebyshev.
The researchers say that the worst-case attack would allow a hacker to access the inside of a locked car. Spoofing a key or disabling the car’s immobilizer, could however require some serious skills. While it hasn’t been tested, Tesla offers certain vehicles that can be driven with only a smartphone app, which becomes a threat in itself.
The researchers also went on to say that these attacks are limited to apps for now and no malicious code was found in any of the apps. But they go on to argue that looking at the apps’ code clearly shows that car thieves could exploit their features.
Publish date: February 17, 2017 11:55 am| Modified date: February 17, 2017 11:55 am