Vehicle Cyber Crime Attacks Double

The threat of attacks of attacks on vehicle is growing and the concept of car cybercrime will become much more common with the increasing number of cars on the road which are vulnerable to hackers and scammers, according to research carried out by online comparison firm Uswitch.

As more connected devices come into your home the levels of risk involved increases. The awareness that scammers and hackers are actively targeting the growing network of IoT devices is becoming common knowledge and taking steps to keep  personal data safe has become part of everyday life. However, there’s one device you may not consider when keeping tabs on your data security, your car.

When talking about ‘connected cars’, this is essentially shorthand for vehicles that send data about the driver and internal systems back to the manufacturer over the Internet. The term also applies to actions the owner can perform with the car. These might include remote locking, linking up your smartphone to play your favourite tunes or even using an in-car app to pay at a toll booth.

Cyber-attacks on connected cars have increased by 99% in the last year, according to Uswitch. Potential threats include cyber-attacks against cars’ perception sensors, which could trick vehicles into ‘seeing’ something that is not there, or not seeing something that is. 

Connected cars can collect up to 25GB of data from various sources every hour and hackers can try to manipulate vehicles through data connections and ‘shared information protocols’, such as vehicle-to-vehicle or traffic monitoring, using a vehicle’s in-built Apps that can track things like location, entertainment preferences and even financial information.

The online and telephone comparison and switching service USwitch has identified several ways that vehicles can be compromised, ranging from weaknesses in apps and theft of personal data, to keyless car theft and  taking control of a vehicle remotely. Many people also sync their phone with their car to use Apps and entertainment systems, as well as share contacts for hands-free calls via the in-built speakers.

Each of these connections are an increased opportunity for hackers to find a vulnerability and steal data via remote access.

Apps that communicate directly with cars are becoming more popular and this makes them a tempting target for criminals.
If these applications have any vulnerabilities, they can allow for unauthorised access to the owner’s personal data and even features of the car itself. 

Nissan had to shut down one of its Apps after testing by security researchers revealed a vulnerability that could allow hackers to remotely control the car’s heated seating, fans, air conditioning and heated steering wheel. Keyless theft or key hacking is another way thieves attack the systems used to control a car.When the key is near the car, it passively sends out the signal that tells it to unlock. Car thieves have figured out a way to scan for that signal and then hack it, to give them access to the car.

In certain scenarios, hackers are also able to take control of safety-critical aspects of a vehicle’s operation. This means that some vehicles may contain vulnerabilities that allow hackers to access functions like steering control, braking and even turning off the engine. 

Connected cars send data about the driver and vehicle systems back to the manufacturer over the internet. They also allow owners to carry out actions such as remote locking, smartphone linking to play music or using an app to pay at a toll booth.

While all these actions happen at the click of a button or touch of a screen, a lot of complex programming required to make it seem so simple. A modern car uses about 150million lines of computer code, while a Boeing 787 jet uses just 6.5million. All this coding makes cars potentially very vulnerable.

AutomotiveManagement:       USwitch:       Daily Record:    Inst. of Mechanical Engineers

You Might Also Read:

Cyber Criminals Target UK Motorists:

 

« Coronavirus Tracing Apps Conflict With Privacy
Five Ways Automation Can Help Fix The Cybersecurity Skills Shortage »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

VMworld

VMworld

VMworld is a global conference for virtualization and cloud computing, including associated security issues.

Hack in the Box Security Conference (HitBSecConf)

Hack in the Box Security Conference (HitBSecConf)

HITBSecConf is a platform for the discussion and dissemination of next generation computer security issues. Our events feature two days of training and a two-day multi-track conference

Luxembourg Institute of Science & Technology (LIST)

Luxembourg Institute of Science & Technology (LIST)

LIST is a mission-driven Research and Technology Organisation. Areas of research include IT and aspects of IT security.

Identillect Technologies

Identillect Technologies

Identillect Technologies provide a user-friendly secure email solution to protect critical information, with an emphasis on simplicity.

Bounga Informatics

Bounga Informatics

Bounga Informatics provides Digital Forensics, E-Discovery, and Endpoint Security software, hardware, and training in Singapore and other countries in Asia Pacific.

Mitre

Mitre

At Mitre we work across government to tackle challenges to the safety, stability, and well-being of our nation. Areas of expertise include Cybersecurity.

Jumio

Jumio

Jumio’s end-to-end identity verification and authentication solutions fight fraud, maintain compliance and onboard good customers faster.

Digital Law

Digital Law

Digital Law is the only UK law firm to specialise solely in online, data and cyber law.

Fyde

Fyde

Fyde helps companies with an increasingly distributed workforce mitigate breach risk by enabling secure access to critical enterprise resources.

Scanmeter

Scanmeter

Scanmeter helps identifying vulnerabilities in software and systems before they can be exploited by an attacker.

Joint Accreditation System of Australia and New Zealand (JASANZ)

Joint Accreditation System of Australia and New Zealand (JASANZ)

JASANZ is the joint national accreditation body for Australia and New Zealand. The directory of members provides details of organisations offering certification services for ISO 27001.

First Point Group (FPG)

First Point Group (FPG)

First Point Group provide a global technological recruitment service worldwide. Within that we have a specialist team of Cyber Security recruiters.

Trustify

Trustify

Trustify is a Managed Security Service Provider offering a suite of world-class Cyber Risk Management services.

Hyperproof

Hyperproof

Hyperproof is a cloud-based compliance operations software. Launch new programs immediately, collect evidence automatically, and manage a compliance program intelligently.

SK Shieldus

SK Shieldus

SK shieldus are a converged security provider with business capabilities in both cybersecurity and physical security based on Big-Tech.

SureCloud Cyber Services

SureCloud Cyber Services

Our Cyber Testing capability has been honed since we were founded in 2006 as a disrupter in the penetration testing market.