Hacking – the buzzword that has hit the UK press time and time again over the past month following allegations of phone hacking within the media.  Numerous government officials and celebrities have been left vulnerable to the sharing of private information that has been obtained through hacking phone messages. Disturbingly new evidence is regularly being uncovered that suggests that these attacks have been ongoing for some time.

However, hacking phone messages to get headline-grabbing information is only scratching the surface of the problem.  Cars could be the next target left vulnerable to criminals through phone hacking techniques.Increasing integration of mobile phones with vehicles allows more remote control of some vehicle systems, such as smart phone applications and telematics services that can operate the vehicle’s central door locking and remote start functions.  These systems could be compromised through a phone hack to gain unauthorised control of the vehicle’s security components.

It is not just phone hacking that will be a theft threat to vehicles.  As advanced technology connects the car’s software to networks and services outside of the vehicle, the opportunity for vehicle hacking attacks will grow. “As advanced technology connects the car to the intelligent traffic infrastructure, the information cloud and other connected services, the available access routes to hack a vehicle will increase.” says Craig Best, Technical Analyst at SBD.  “SBD expect vehicle hacking to be a significant threat to vehicle security in the future.”

Each vehicle system is required to communicate over internal Control Area Networks (CAN).  Once these systems connect to networks outside of the vehicle, these networks could have access to the vehicle’s CAN, giving them the ability to send messages to other systems within the car.  A successful hack on just one of these systems could compromise the security of the whole vehicle.  Security devices such as alarms and immobilisers would become obsolete because their primary functions could be bypassed or deactivated by sending rogue messages across the CAN.

Vehicle manufacturers need to take measures to increase the security of the electronic components fitted to their vehicles, so that hacking attacks can not successfully gain control of security components in the vehicle.  “Best practice in security testing would mandate ‘hacking tests’ on the finished product [vehicle] to discover and fix these side-effects that are typical in complex systems.” suggests Karsten Nohl (‘white-hat hacker’ and expert on electronic security threats) in a recent interview with SBD. Hacking is going to become a very real threat to the security of modern vehicles, and one that must not be taken lightly within the industry.  Phone hacking has opened a window for criminals to explore new hacking opportunities, and SBD predict that vehicle hacking could yet become the next ‘buzzword’ in the media in the not too distant future.

Interested in learning more about hacking attacks on vehicles?
Explore the potential threats associated with vehicle hacking and the likely hacking routes that a thief could utilise to steal the vehicle with SBD's report Can Thieves Control My Car? Hacking Attacks on Vehicle Security Systems? To register your interest in this report contact Alessio at security@sbd.co.uk. You might also be interested in reading Are vehicle immobiliser systems susceptible to attack?