McAfee warns of hacker threat to autos
Wednesday 07 September 2011
Cars made smarter with Internet technology are zooming into perilous hacker territory, according to a report by US computer security giant McAfee.
The first-of-its-kind report, entitled "Caution: Malware Ahead" and released late Tuesday, warned that security is lagging as vehicles are enhanced with embedded chips and sensors for a growing array of purposes.
"As more and more functions get embedded in the digital technology of automobiles, the threat of attack and malicious manipulation increases," said McAfee senior vice president and general manager Stuart McClure.
"It's one thing to have your email or laptop compromised, but having your car hacked could translate to dire risks to your personal safety," he added.
Chips are embedded in almost all parts of cars from airbags, brakes, and power seats to cruise controls, anti-theft gadgets, and communications systems, according to McClure.
Researchers have demonstrated that computers controlling functions in automobiles can be hacked if attackers get into vehicles and, in some cases, from afar.
A security consultant with iSEC Partners showed peers at a recent Black Hat security conference in Las Vegas that it is possible to unlock or start cars by sending commands in the form of text messages from smartphones.
Sensors used by roadside emergency services to find cars or by car owners to make sure vehicles are being driven safely, can give cyber stalkers ways to track someone's movements, according to the report.
Hackers could disrupt car navigation systems, steal personal data through Bluetooth connections, or disable vehicles remotely, the findings indicated.
"The automobile industry is continually adding features and technologies that deliver new conveniences such as Internet access and the ability to further personalize the driving experience," the report said.
"However, in the rush to add features, security has often been an afterthought," it said.
There were no indications that hackers have yet taken advantage of computer vulnerabilities in cars, according to McAfee.
McAfee and smart gadget software specialty firm Wind River, both owned by US chip colossus Intel, collaborated with embedded device security firm ESCRYPT on the study.
"As the trend for ubiquitous connectivity grows, so does the potential for security vulnerabilities," said Wind River senior director for automotive solutions Georg Doll.
"The report highlights very real security concerns, and many in the auto industry are already actively designing solutions to address them," Doll added.
Researchers cited industry projections that the number of Internet connected devices will climb to 50 billion in the year 2020 from a billion last year.
The bulk of those gadgets are expected to be embedded devices such as airport ticket kiosks, cash registers, key card readers, and controls for factory machinery.
"Today, we're seeing bold new experiments, including Google's auto-piloted cars and smart roads with sensors that report on traffic conditions and vehicle speeds," the report said.
"Experiments like these show the ongoing possibilities... But there is a concern that as the industry advances, there has been little done to ensure the security of these systems."
Life & Style blogs
Android One handsets launch in India: £65 apiece with cricket scores baked in
Jennifer Lawrence nude pictures leaked: Reddit removes 'The Fappening' board dedicated to sharing naked pictures of celebrities
A bottle of wine a day is not bad for you and abstaining is worse than drinking, scientist claims
Vogue under fire for 'Big Booty' article
Vogue's 'Big Booty' stars
Daniele Watts: Django Unchained actress detained by Los Angeles police after being mistaken for a prostitute
The political class is doing what Hitler couldn’t – destroying Britain
Scottish independence: Nationalist leader Jim Sillars threatens pro-union companies with 'day of reckoning' after independence
Scottish independence: Yes campaign feels the heat as Alex Salmond's NHS claims come under furious attack
£23m Birmingham cycle scheme is attacked by Tory councillor for not catering to the elderly
Salmond accused of laughing off national debt with ‘what are they going to do: invade?’ joke
- 1 Scottish independence: Ireland since 1919 is a lesson for Scotland in what a Yes vote means
- 2 Thailand deaths: Pair's bloodied bodies found naked on Koh Tao beach
- 3 Lego breaks out of the toy box and heads for the gallery
- 4 Julian Assange and Edward Snowden join piracy mogul Kim Dotcom’s political campaign in New Zealand
£45000 Per Annum: Clearwater People Solutions Ltd: Our client based in Chelmsf...
£25000 - £30000 Per Annum: Clearwater People Solutions Ltd: Our client are cur...
£23500 - £40000 per annum: Randstad Education Plymouth: Randstad Education Ltd...
£60000 - £80000 per annum: Ashdown Group: Corporate Marketing Communications M...