Hacking A Vehicle

Hacking A Vehicle 

How it's Done and How to Prevent it

It's likely that your car is the most expensive computer you own. With multiple systems controlled directly by the vehicle's computerized systems, it's only natural to find that hackers have discovered multiple ways to infiltrate and manipulate almost every system available. Everything from ignition systems to steering and braking have been found to be vulnerable to hackers who possess even the most rudimentary knowledge of automotive software systems. The sad fact is this: all computers have similarities that under the right circumstances can and will be taken advantage of. Moreover, once you put enough software connected to mechanical hardware, you're just dealing with another computer.

The most prevalent hack starts with your key fob. The RF signals that they emit can grant access to the two systems thieves want most: keyless entry and ignition. The easiest way to get these codes is when you press the button. A (slightly) encrypted signal s sent from the fob to the car where it is verified. This in turn accesses the mechanical locking system and unlocks the car. The encryption for the ignition is the same and is easily hackable. In 2016 a team of security experts demonstrated that almost any vehicle could be hacked with a device that could be made portable and for under $20. In 2017 there was a rash of auto thefts that used similar technology and methodology. 

In 2015 two security researchers hacked a 2014 Jeep Cherokee and accessed the steering, braking, and ignition systems in front of a group of developers and IT professionals. This was done while the vehicle was in motion. They gained access through the entertainment system software, which prompted a massive recall to patch the vulnerabilities. 

With these concerns becoming more of a reality as systems grow more complex, what can be done to prevent these hacks from occurring? From the manufacturer's side, only strict penetration testing and outsourcing has seemed to help. Many companies offer incentives to individuals who can demonstrate vulnerabilities, which is a great start. From the consumer's side, there are two major things that can be done. The first is to be aware of your surroundings. Watch for people who are acting suspicious in between yourself and your vehicle. A signal must be intercepted near its source, meaning anyone who is attempting to get a signal from your key fob will ideally be between your fob and your vehicle. The other is to be vigilant with recalls. Although many people may choose to hold off on a recall notice that only affects their "radio," any software in your vehicle may be a golden ticket to hackers, especially those with known and unpatched vulnerabilities. Get to your dealership service center right away when you receive a recall notice, such as our partners at Doxon Toyota Auto Repair Service in Auburn, WA. Waiting a day or two may be the difference between your car being safely in the driveway in the morning or not.

Written By: Todd Hendrickson
Source: Popular Mechanics