Smart cars are becoming more common and continue to evolve as technology progresses. Sci-fi movies or novels emphasized their concept for a long time. One thing that escaped the romanticized smart car in these portrayals and real life is the hacking threat.
Hacking a modern smart car is dangerously easy for cybercriminals since the smart car’s developers didn’t consider cyber threats as much as they should have. Various security experts repeatedly demonstrated how it is easy to hack smart cars and shocked the automotive industry.
Why Smart Cars Can Be Hacked
Smart cars are connected to networks that host various sensors and smart components, which are connected to the internet. Because of this, cyber-attacks are possible as the attack surface is enormous.
Connected cars have systems made up of various units that exchange data. They can share information with other smart vehicles, C2C, car-to-car, or C2I, car-to-infrastructure in real-time. This means that our smart cars become sophisticated components of the global network, managing extensive amounts of data.
Cybercriminals can alternate those systems to gain control of smart vehicles. They can either sabotage, steal data, or steal the vehicle entirely. A top-tier smart car controller contains more than 100 million lines of computer code, and software/electronics account for up to 40% or more of the total cost of the car.
This means that every component in the car, even its communication channels, can be targeted by hackers, and some attacks have already occurred. Some of the things that cybercriminals can already do to your smart car include:
- Taking control of speedometer, odometer, on-board navigation system, brakes, steering, acceleration
- They can alter how your breaks work, kill the engine, light flash, unlock/lock doors, or modify fuel gauge
- Gather personal stored information on-board system to spy on the smart car’s owner
Security Experts Prove How Cars Can be Hacked
In an attempt to raise awareness of how easily smart cars can be hacked, security experts conducted several experiments that shook the automotive industry. Two security officers, Charlie Miller and Chris Valasek, remotely hacked a 2014 Jeep Cherokee in one instance.
The security duo exploited the security flaws of the vehicle in the Uconnect automobile system with cellular connectivity, successfully hacking the car. Other professionals pointed out how hackers can take over your car:
- Hackers can override the car’s keyless entry
Smart cars with keyless entry systems use radio transmitters, which hackers can spoof and gain entry. Known as relay attacks, the criminals can manipulate your key fob with hacking devices within 30-50 feet away.
- Identity can be stolen easily
Software vulnerabilities allow hackers to steal and sell your personal information. Any information stored in your car’s system, or your car app on your smartphone, is hackable.
- Cybercriminals can control your driving systems
Consider this, cybercriminals can even hack your fridge, and it uses considerably fewer computer codes than your smart car. Malware codes hidden in suspicious downloads can get into your car’s infotainment system and travel to other systems, such as those responsible for brake control, engine, acceleration, almost everything.
- Your USB port can also act as a gateway
Car USB ports are susceptible to viruses. If your smartphone is infected, and you plug it in your car’s USB port, hackers can easily access the car’s systems. These are just a couple of examples, as there are more ways hackers can control your car.
What Cybersecurity Experts Recommend for Vehicle Cyber Protection
Various ethical hackers and cybersecurity experts are helping the automotive industry in its struggle against cybercrime. It is a real threat with dire consequences that can even lead to death.
Security professionals advise car manufacturers to implement authentication or authorization for everything connected through the CAN bus (controller area network used to allow microcontrollers and devices to communicate among applications without a host computer).
They also advise encrypting the traffic on the CAN bus, implementing an anomaly detection mechanism that may prevent cyberattacks.
How To Protect Your Smart Car From Cyber Attacks
Despite the cyber security experts’ advice, most auto manufacturers don’t want to increase their vehicle’s complexity. In the future, this may change. But, you can take some preventive steps right now. This is what you can do to protect your smart car from cyber-attacks!
Manually Apply Software Security Patches
It’s always good to manually apply software security patches that the carmakers provide if the vendors don’t push them over the air. Keep in touch with the car manufacturer and regularly check for active recalls for your car at Safercar.gov.
Do Not Install Updates From Third Parties
You should be careful when it comes to installing software. Ensure every update is provided by the car manufacturer and not from a third party. Analyze everything from diagnostics software to entertainment software with internet connectivity carefully.
Consider Using a VPN
A VPN might boost your smart car’s cyber security, as it encrypts all of your data. However, you must choose wisely. Free or very cheap VPN providers might do more harm than good. Search for the top VPN providers online, and choose one of your likings.
If you found something, even among the top, always read online reviews before. For example, search for a NordVPN review and compare different VPN providers.
Turn off Bluetooth and Hide Your WiFi Password
Turn off your Bluetooth if you’re not using it, as it can act as a gateway for hackers. If you use a WiFi hotspot service in your car, don’t keep your password in your car.
Cut off the Signal From the Fob
Since hackers use devices that can unlock your car, ensure your keyless-entry fob isn’t near it. Consider storing the fob in a metal box or a holder that’s designed to prevent hacking.