Can Your Car Get Hacked?

 By Catherine Powell

Most Americans are well aware of cyber-security issues when it comes to their computers and smartphones.  That’s because hackers have been upping the ante to the tune of $1.5 Trillion in 2019.  Face it, hardly a month goes by without the news featuring a public corporation that hasn’t been breached by hackers.  Everything from data breaches to ransomware attacks are common to small businesses and individuals these days.  As hackers become more adept at gaining unauthorized access to all of our web-enabled devices, the question is when will cyber-criminals manage to hack their way into our vehicles?  The sad fact of the matter is, it’s already occurred. 

In 2015, Fiat Chrysler recalled 1.4 million vehicles when a cyber-security breach was revealed. – Fortunately, in that for instance, the hack was performed by Charlie Miller and Charlie Valasek who took control of a Jeep Cherokee by breaching the vehicle’s web-enabled entertainment system.  This gave them access not only to the vehicle’s radio, it also let them control the air conditioning, the windshield wipers, the transmission, the brakes and the drive-by-wire steering system.  Shortly after the hack was revealed, Wired Magazine publicized the hack (see video below) which showed how it was possible to hijack a Jeep from the comforts of one’s own home.  Needless to say, once the executives at Chrysler learned of the hack, they issued a first of its kind automotive recall.   

 

Was this an isolated instance? – While Fiat Chrysler managed to correct the problem with their automotive entertainment system, that hasn’t stopped hackers from finding other chinks in other auto manufacturer’s armor.  In 2016, CBC Marketplace posted a YouTube video that showed hackers breaking into a pair of SUV’s without having to pick the locks or have the keys. Then they are seen driving off with the stolen vehicles. (https://youtu.be/ARrlhlQiFzM) In this for instance, the high-tech thefts were the real deal, not simply a simulation.  In fact, the two reporters assigned the piece were themselves hit while on location when hackers keylessly broke into and cleared out their van.  It turns out that cyber-thieves learned how to gain access to and even start vehicles by intercepting and amplifying the the signal broadcast by a car’s electronic key fob.

More recently, in 2019 a hacker who goes by the moniker L&M laid claim to having hacked into more than 7,000 iTrack and 20,000 ProTrack GPS tracking accounts which then gave him access to other system in the affected vehicles.  This gave the hacker the ability to track the hacked vehicles in real time, as well as being able to shut off their engines as long as the vehicles were going below 12 MPH.  Fortunately, L&M didn’t make use of this access.  He instead contacted the software company to let them know of the vulnerability contained in their system.

How can hackers gain access to your vehicle? – When it comes to hacking, today’s vehicles are every bit as vulnerable as all our other wireless devices.  That’s because today’s vehicles are more computer than car.  Here are a few of the bigger vulnerabilities:

1.      Wi-Fi – If your vehicle is Wi-Fi enabled, you need to change the default password set by the factory.  If not, a hacker may use this vulnerability to your car and its computerized systems.

2.      Apps – Gaining access to your vehicle could be as easy as sending a request to a cloud service that’s connected to any of your vehicle’s linked smartphone apps.

3.      USB – If you stream music via a flash drive that plugs into your vehicle’s USB port, you should be aware that hackers can plant malware on it that could be used to access other systems in your car.

4.      On-Board Diagnostic Systems -  Since 1996, cars have come equipped with OBD systems that can be used to take control of many of your vehicle’s computerized systems remotely.

What can you do to protect yourself? – The problem with hacking is that hackers are always coming up with new ways of breaching computerized systems.  The moment you figure out how to block entry one way, they discover another security vulnerability.  However, there are ways for you to make it more difficult for a hacker to gain access to your vehicle.

1.      Turn off Bluetooth and Wi-Fi when you aren’t using it.

2.      Change the password on your car’s Wi-Fi system.

3.      Make sure your vehicle’s software is up to date.

4.      Never plug in a flash drive that you haven’t scanned for malware.

5.      Check to make sure that all the apps on your phone are safe and secure.

6.      Make sure you heed any recalls issued by the manufacturer.

What can you do if you discover your vehicle has been hacked? – If you suspect that your car has been hacked, first and foremost DO NOT DRIVE IT.  Pull over and call your car dealer to tell them what you are experiencing.  Unless the dealer can tell you how to correct any anomaly, call for a tow and have the car taken to the dealer so they can assess and correct the situation.  Driving a vehicle that has been hacked could result in an accident.  It’s better to have a licensed mechanic determine if any of the systems have been compromised than by assuming you can safely drive the car to the dealership, only to have something go wrong with a critical system, such as the brakes, transmission or steering. 

Catherine Powell is the owner of A Plus All Florida, Insurance in Orange Park, Florida.  To find out more ways to save on flood insurance, check out her website at http://aplusallfloridainsuranceinc.com/