paint-brush
Motor Vehicle Hacking: How Cybercriminals Hack Your Carby@danielmoayanda
1,598 reads
1,598 reads

Motor Vehicle Hacking: How Cybercriminals Hack Your Car

by Daniel MoayandaAugust 27th, 2021
Read on Terminal Reader
Read this story w/o Javascript
tldt arrow

Too Long; Didn't Read

Hackers are constantly looking for new techniques to steal personal and financial data, install ransomware and even take control of vehicles on the road. Hackers can attack through the Controller Area Network (CAN bus) of your vehicle. By 2030, many observers expect them to have roughly 300 million lines of software code. The integration of these various communications and software systems leaves automobiles vulnerable to attack. Automotive providers must come up with a strong layer of protection that identifies and identify relevant cyber-risk end-end to design and identify cyber-end-to-end threats and vulnerabilities before they affect vehicle operation.

Companies Mentioned

Mention Thumbnail
Mention Thumbnail
featured image - Motor Vehicle Hacking: How Cybercriminals Hack Your Car
Daniel Moayanda HackerNoon profile picture

Technology has brought most of our imaginations into reality. The advancement in recent years has had a great impact on our daily lives to grant the human race the desire of having a better life. From improved food and healthcare, to transport efficiency and safety, socialization and productivity

The impact of technology on work, both in manufacturing and in communication, has significantly increased the rate of production and speed at which business occurs. Technology in the workplace has helped workers become more efficient than ever before. 

What used to take hours now can take minutes. Messages can be sent instantly to colleagues or clients across the world. Payments or proposals can be transferred almost immediately. Which makes technology to be involved in everything we do.

However, the more familiar we get with technology the more vulnerable we become to its disadvantage if we are not careful. Hackers are constantly looking for new techniques to steal personal and financial data, install ransomware and even take control of vehicles on the road. Any system in a vehicle connecting to the Internet, fleet management software, or an EV charging network is a potential entry point.

Individuals and business owners should remain educated on all the ways a cyber breach could occur. When it comes to vehicle hacking, you might think your vehicle is secured since you're not using it for public transit. whereas cybercriminals have become the world’s most dangerous criminals simply because they can act covertly from anywhere in the world. 

Over the years, modern cars have become data centers on wheels. Comparing the lines of code in modern connected cars with aircraft and PCs provides a glimpse into the challenges of securing these vehicles.

Today’s cars have up to 150 ECUs and about 100 million lines of code; by 2030, many observers expect them to have roughly 300 million lines of software code.

The integration of these various communications and software systems leaves automobiles vulnerable to attack.

Below are ways to overcome these problems.

How Can Cyber Hackers Attack Your Cars? 

1. They can attack through the Controller Area Network (CAN bus) of your vehicle

The Controller Area Network (CAN bus) is the nervous system, enabling communication and is also called the heart of any modern vehicle’s interconnected systems. CAN bus is a single, centralized network bus on which all of a vehicle’s data track is broadcast.

Every command from the operator is being carried by the CAN bus system such as “apply the brakes” or “roll down the windows” to readouts from sensors reporting engine temperature or tire pressure. 

Once hackers are able to bypass your CAN bus then your car loses control. which include setting alarms, steering control, applying brakes, and switching of headlights. Everything is definitely out of your control.

They are able to perform this with the help of Bluetooth, Raspberry Pi, or a WiFi router, enabling them to control the car from a far distance.

2. They can attack your vehicle to access your smartphone 

By hacking into your connected car, hackers can potentially gain access to the devices you have paired with the vehicle.

You’ve once connected your car with your mobile device for one reason or the other. This can be used to access your vital information like credit card information, passwords, and financial data. If they’re able to get into your vehicle’s system and find your connected mobile phone, your information may be at risk.

3. Remote keyless entry

Do you know that wireless key fobs can unlock car doors when the person holding them is close by? However, using radio repeaters, thieves can extend the range of the key fob, unlocking your car doors when you’re up to 30 feet away.

They can also clone the encrypted radio signal and unlock the car with another key. Here are a few ways hackers can exploit the keyless entry systems and break into a vehicle:

  • Using Remote Code Execution (RCE), a form of cyberattack in which the cybercriminal executes arbitrary commands to access a vehicle from a remote server.
  • Cloning the transmitted frequency using Software Defined Radio (SDR) devices.

Solutions For The Automobile Industry

1. Implementing cyber-risk management

Automotive providers must come up with end-to-end cyber-risk management and identify relevant cyber risks in their vehicle types. Their major priority should be how to design and build a strong layer of protection that identifies and reacts to new and evolving cyber threats and vulnerabilities before they can affect vehicle operation. 

However, truck owners, vehicle transport services, and other automotive suppliers who deliver efficiently and wish to continue to have a non-stop and better experience with their customers must understand that car manufacturers regularly send important patches and updates to sort out vulnerabilities in the system. 

It's always a good idea to enable automatic updates to ensure that all the software and internal systems are up to date.  

2. Sending save and secure update

Automotive manufacturers must not only be able to respond to any detected security event. They must also be able to provide safe software updates to fix security issues. To do so, they must systematically identify target vehicles for updates and ensure that software updates will not harm certified safety-relevant systems and are compatible with the vehicles’ configuration.

On the other hand, vehicle users should be able to avoid attacks by installing an embedded firewall that can block unauthorized communication with the car's onboard computers.

3.  Individuals should take responsibility

Aside from the manufacturers, a car owner should be able to take appropriate action to protect his vehicle from cyber attacks. Installing third-party apps and software can create vulnerabilities and put your car at risk. Make sure you install apps and tools approved by the car's manufacturer.

Minimize the amount of personal data that is stored on your vehicle. Only data that can be reasonably assumed to be necessary for the service should be collected without a specific option. 

Finally, drivers and owners should have a clear way to securely delete any stored personal data or ensure that it is not saved. This is especially important in an era of increased vehicle sharing, as well as rentals, loaners, and other temporary usage scenarios.

In conclusion

However, security does not stop at the production of vehicles – it is important throughout the entire vehicle lifecycle, as security vulnerabilities can be discovered at any given time. 

It will require transportation sectors and suppliers to continually detect and react to security issues until vehicles have reached their end of life.


Lead Image by Werner Moser from Pixabay.