Rise in Automotive Hacking

With advancement in technologies and adaption of AI introduces new challenges in cybersecurity trends as news of?data breach,?ransomware?and hacks become the norms.

In 2023 world is experiencing new trends in Cyber security. In this article let us explore one such trend which is “The Rise in Automotive Hacking”.

Modern vehicles nowadays come packed with automated software creating seamless connectivity for drivers in cruise control, engine timing, door lock, airbags, and advanced systems for driver assistance. These vehicles use Bluetooth and Wi-Fi technologies to communicate that also opens them to several vulnerabilities or?threats?from hackers.

Gaining control of the vehicle or using microphones for eavesdropping is expected to rise in 2023 with more use of automated vehicles. Self-driving or autonomous vehicles use an even further complex mechanism that requires strict cybersecurity measures.?

Electronic Control Units (ECUs), communicate with one another over a variety of networks and protocols, including the Controller Area Network (CAN) for vehicle component connectivity, such as engine and brake control connections; and the Local Interconnect Network (LIN).

Let us explore few common types of Automotive Hacking

1. Key Fobs

The computerized key fob is the most popular means for hackers to gain access to cars today, often to steal the vehicle. This is usually accomplished by spoofing or cloning the signal used by a car and a key to be communicating.

?

Security researchers used a cloned key fob to hack a Tesla Model S, even though it is maintained by a large security team and employs encrypted keys (the encryption turned out to be the weak link).

While this was done for research purposes, Upstream’ s data shows several real, malicious key fob hacking incidents around the world. As a result, it should be a major concern for automakers.

2. Mobile App Hacks

While the increased use of automotive mobile apps has been beneficial to consumers, it has also provided hackers with new ways to gain access to autos. And the consequences of hackers gaining access to the information and control available in automobile apps can be disastrous.

For example, one hacker found that by exploiting weak password protocols, he could remotely disable the engines of thousands of automobiles using two GPS tracking programs (ProTrack and iTrack). In another case, a security researcher discovered that using only the VIN number from the car's windshield and the linked mobile app, they could manage the functionality of a Nissan Leaf.

?3. Server Hacks

Server hacks may be disastrous in more ways than one because gaining access to a central server grant hackers’ access to everything: sales data, mobile apps, and even the controls of every car connected to it.

"This can lead to multi-vehicle or fleet-wide attacks", according to Upstream's report, "which is exceedingly harmful to all parties involved, from OEMs to telematics service providers, and fleet management companies to the drivers themselves."

While a large-scale attack on vehicle controls has yet to occur, researchers Charlie Miller and Chris Valasek demonstrated the threat in a Wired Magazine article in 2015, when they stopped a Jeep moving 70 mph on a highway from their couch.

Large-scale data breaches, on the other hand, have already occurred, exposing millions of people's sensitive data (for example, Toyota's server breach in 2019).