As vehicle technology advances, interconnectivity increases. Cars are now smarter than ever, and with increased tech comes increased vulnerability. Car hacking, while not common, is becoming a more and more pressing issue. And the consequences can range from minor to outright devastating.
In 2015, security researchers Chris Valasek and Charlie Miller remotely hacked a Jeep Cherokee while reporter Adam Green was driving it down a busy highway. Green had agreed to this and was aware that features in his car would be compromised, but he wasn’t given any information past that. At first the hack was benign — the windshield wipers turned on, the radio turned up, and the AC blasted. But soon, the hack took control of his steering wheel, engine, and breaks.
The result: Chrystler ended up issuing a recall for over one million vehicles, and auto manufacturers started taking car cybersecurity seriously. Today, companies like General Motors and Tesla have programs that reward researchers who find software vulnerabilities before they become problems. However, there’s still a lot of room for cybersecurity to increase.
So how exactly is a car hacked, and what can you do to keep your ride secure? Check out the infographic below to learn more.
PLEASE NOTE: This is a graphic provided by Esurance.com as part of its awareness campaign. There is no paid relationship between SAC and Esurance.
Keyless entry remotes
- Hackers trick the car into thinking the key fod is close by amplifying its signal with relay boxes.
- This allows them to then unlock the car and push to start without ever having the keys.
- Quick prevention tip: Store your keys in a radiofrequency-blocking bag overnight.
- If a car has a wi-fi hotspot, all you need is the IP address to compromise the system.
- From there, hackers can move laterally to the car’s various other computers.
- Quick prevention tip: Update your software system as frequently as possible.
- Car-linked apps can be compromised via the cloud service they use to communicate with the car.
- Phishing attempts cause owners to unknowingly download malicious apps that hack their car-linked app.
- Quick prevention tip: Only use apps with double-factor authentication.
On-board diagnostics system
- The onboarding diagnostics system, or OBD-II, monitors car activity similarly to a black box.
- OBD-II plugins, or dongles, send this data to your phone via bluetooth. Hackers intercept it en route.
- Quick prevention tip: Purchase an OBD-II lock to keep your system secure.
- A hacked phone that is plugged into your car’s USB port can compromise your car’s systems.
- USB drives can easily be compromised and corrupted.
- Quick prevention tip: Scan the USB drive for malicious software before plugging it in.
Suspect a hack? Here’s what to do
- Check for vehicle recalls or software updates.
- Contact your auto manufacturer or authorized dealer.
- Contact the NHTSA to file a vehicle safety complaint.
- Contact the FBI and file a complaint with IC3.