This week, we’ve asked the question: just how vulnerable are you in the digital world? You personally, in social media, with webcams and your wireless networks.
It can happen. Hackers– the criminal kind — can take over your car and do anything remotely that you as the owner can do electronically.
All this is done by cracking your code. Yep, another example of why it pays to hyper-protect your password and user ID.
Cars today come with all the bells and whistles. Windows that clean themselves, trunks that open automatically-even when hands are full, massage modes for car seats, lane centering to keep you between the lines, automatic brakes before you crash, automatic stop and start engines, automatic parking, self driving cars.
Making life easier? Sure. But it does come at a price.
“These individual controllers, all little old technical components. The problem is they were never designed to be on a network that is accessible from the Internet,” said Jerry Irvine, CIO of Prescient Solutions.
If a black hat hacker sets his sights on you all he needs is your ID and password to take control of all of it. Experts say that first step is a cinch.
“I send you a phishing scam saying, oh, I’m Tesla, Lexus, Ford, etc. and you need to click on this and enter into your account because we need to update your information,” Irvine said. It’s that easy.
The email looks like the manufacturer’s. You use your user ID and password. And before you’ve hit send, the hacker has sent you directly to the manufacturer’s real website and you never suspect a thing.
“Now they have your user ID, password, they can find the location of your vehicle, when they get there they can unlock the doors, start it, and drive off with your car,” Irvine said.
That’s one way of committing the crime. There are others.
A hacker with a diabolical or mischievous mind can turn your digitally suped-up luxury vehicle into a remote control car.
They can start it. They can stop it. Hit the brakes and back it up. Accelerate it, and even honk the horn and flash the lights. The hackers can do it because your car is on one network.
The hackers just need to find the easiest way into it. Maybe using radio frequency (or “RF”) to access the controller area network or “can” that links them all together. Once they’re in, they’re gold.
It’s happened. In Texas in 2010, a car dealership installed black boxes under customers’ dashboards. If payments were late, cars could be disabled. A disgruntled employee, however, hacked his way into the system. You can guess what happened to 100 cars in Austin that year.
5 years later, OnStar was hacked and GM vehicles with the onboard assistance were located, unlocked and stolen.
It’s not likely to happen to the average person, Irvine said. But here are a few simple things to help you keep control of your car in today’s digital world:
- Use your valet key. Handing over your fob to a car attendant or anyone else is like handing over the keys to your digital castle on wheels.
- Use “installed” garage door openers. You know the kind. It’s actually a feature in your car. They have a rolling code with randomization of radio frequencies making them hard for hackers to duplicate.
- And newer versions of GPS allow for a password to connect to your contact list and your destination.
The moral of the story according to our hacking expert: a car is not a car anymore. It’s a series of computers on wheels and a determined hacker can seek out the weakest computer on board to access them all.