MODERN CAR TECHNOLOGY: SECURITY RISKS REVEALED
THE HACKABILITY OF MODERN DAY CARS IN 2014
A recent study released at the Black Hat conference has highlighted a number of exploitable problems within modern car technology. Completed by two IOActive researchers, the study was called: 'A survey of remote automotive attack surfaces'. It looked into the ‘hackability’ of 24 different vehicles, and even though the researchers were unable to ‘hack’ any of the cars themselves, they did highlight some issues.
Most people don't think of their car as being extremely technologically advanced, but in fact cars have become “networks of computers on wheels” according to Josh Corman, a security researcher.
The grassroots group, I Am The Cavalry (IATC), for which Corman is a spokesperson, seeks to illuminate the fears of security professionals, such as himself, to the wider world. The networks which make up a car are often not made by the car manufacturer, but by an external company who are reluctant to reveal any information on the way the system works.
The cars that are stimulating fear for their susceptibility are not necessarily only the newest cars, in fact it goes back as far as 2006 with cars such as the Toyota Prius and the Range Rover Sport.
In regards to the most hackable car in the study, it was the 2014 Jeep Cherokee that topped the list, and conversely the Dodge Viper was actually the least hackable. Each of the cars in study was looked at under three categories, this was to access how vulnerable each car was.
These issues raised in the research will create a number of concerns moving forward when looking to buy a car. Further issues that this subject raises include what will happen with regard to insurance and premiums? How will this problem and this study affect it? In addition, it raises the problem of how to effectively protect your car.
Forbes have highlighted that one potential protective defence that will be available is an intrusion detection system which will simply switch off the network that is under attack.
This is a move away from the physical hacking of a car and illustrates the severity of this situation, as it is effectively new ground for security organisations to get their heads around. This is however a problem that will need addressing as all cars will be integrated networks in the future, and with the advance of technology car makers need to be extra-vigilant for new threats.