Tag Archive for: vehicles

Connected vehicles can be at risk of hacking, consumer awareness paramount: experts

/in


TORONTO — Blasting the heat with a remote sensor before you even get into your vehicle on a brisk winter morning is a welcome convenience. So are the comforts of lane assistance, voice command, Bluetooth and Wi-Fi.

TORONTO — Blasting the heat with a remote sensor before you even get into your vehicle on a brisk winter morning is a welcome convenience. So are the comforts of lane assistance, voice command, Bluetooth and Wi-Fi.

But experts warn modern, connected vehicles, which are heavily packed with microchips and sophisticated software, can offer an open door to hackers.

These cars are vulnerable to hackers stealing sensitive information or even manipulating systems such as steering wheels and brakes, said Robert Falzon, head of engineering at cybersecurity solutions company Check Point in Canada.

“Cars are tracking how fast you’re going, where you’re going, what your altitude is — and all the different pieces of information are being calculated … It’s all computerized,” he said.

“Unfortunately, security is not always the primary thought when these (features) are developed.”

A global automotive cybersecurity report by Upstream shows remote attacks — which rely on Wi-Fi, Bluetooth and connected networks — have consistently outnumbered physical attacks, accounting for 85 per cent of all breaches between 2010 and 2021.

That proportion grew to 97 per cent of all attacks in 2022, the report said.

There’s a growing concern about privacy breaches among connected cars, experts added.

“Let’s say someone is driving on the highway and the doors get locked, the car speeds up and the (driver) gets a message asking for bitcoin or they’ll crash the vehicle,” said AJ Khan, founder of Vehiqilla Inc., a Windsor, Ont.-based company offering cybersecurity services for fleet cars.

“That scenario is possible right now.”

Khan added any car that can connect to the internet, whether gas-powered or electric, could be at risk of hacking.

But electric vehicles are particularly vulnerable to cybersecurity thefts.

Researchers at Concordia University in Montreal found significant weaknesses in their 2022 study of public and private EV charging stations across Canada — all of them connect…

Source…

Connected vehicles at risk of hacking, Markham cybersecurity expert warns

/in


In wake of global automotive cybersecurity report showing remote attacks, which rely on Wi-Fi, Bluetooth, have consistently outnumbered physical attacks, experts are raising awareness about potential security issues

TORONTO — Blasting the heat with a remote sensor before you even get into your vehicle on a brisk winter morning is a welcome convenience. So are the comforts of lane assistance, voice command, Bluetooth and Wi-Fi. 

But experts warn modern, connected vehicles, which are heavily packed with microchips and sophisticated software, can offer an open door to hackers.

These cars are vulnerable to hackers stealing sensitive information or even manipulating systems such as steering wheels and brakes, said Robert Falzon, head of engineering for Markham, Ont.-based cybersecurity solutions company Checkpoint Canada.

“Cars are tracking how fast you’re going, where you’re going, what your altitude is — and all the different pieces of information are being calculated … It’s all computerized,” he said.

“Unfortunately, security is not always the primary thought when these (features) are developed.”

A global automotive cybersecurity report by Upstream shows remote attacks — which rely on Wi-Fi, Bluetooth and connected networks —  have consistently outnumbered physical attacks, accounting for 85 per cent of all breaches between 2010 and 2021.

That proportion grew to 97 per cent of all attacks in 2022, the report said.

There’s a growing concern about privacy breaches among connected cars, experts added.

“Let’s say someone is driving on the highway and the doors get locked, the car speeds up and the (driver) gets a message asking for bitcoin or they’ll crash the vehicle,” said AJ Khan, founder of Vehiqilla Inc., a Windsor, Ont.-based company offering cybersecurity services for fleet cars.

“That scenario is possible right now.”

Khan added any car that can connect to the internet, whether gas-powered or electric, could be at risk of hacking. 

But electric vehicles are particularly vulnerable to cybersecurity thefts.

Researchers at Concordia University in Montreal found significant weaknesses in their 2022 study of public and private EV charging stations…

Source…

Car Thieves Can Hack into Today’s Computerized Vehicles

/in


These days, cars are computer centers on wheels. Today’s vehicles can contain over 100 computers and millions of lines of software code. These computers are all networked together and can operate all aspects of your vehicle.

It’s not surprising, then, that car theft has also become high-tech.

The ones and zeros of getting from A to B

The computers in a vehicle can be divided into four categories. Many computers are dedicated to operating the vehicle’s drive train, including controlling the fuel, battery or both, monitoring emissions and operating cruise control.

The second category is dedicated to providing safety. These computers collect data from the vehicle and the outside environment and provide functions like lane correction, automatic braking and backup monitoring.

The third category is infotainment systems that provide music and video and can interface with your personal devices through Bluetooth wireless communications. Many vehicles can also connect to cellular services and provide Wi-Fi connectivity. The final category is the navigation system, including the car’s GPS system.

Computers in one category often need to communicate with computers in another category. For example, the safety system must be able to control the drive train and the infotainment systems.

One difference between the network in your car and a typical computer network is that all devices in the car trust each other. Therefore, if an attacker can access one computer, they can easily access other computers in the car.

As with any new technology, some aspects of today’s cars make it harder for thieves, and some make it easier. There are several methods of stealing a car that are enabled by today’s technology.

Hijacking wireless keys

One of the high-tech features is the use of keyless entry and remote start. Keyless entry has become common on many vehicles and is very convenient. The fob you have is paired to your car using a code that both your car and fob know, which prevents you from starting other cars. The difference between keyless entry and the remotes that unlock your car is that keyless entry fobs are always transmitting, so when you get near your car and touch the door,…

Source…

Autonomous Vehicles Join the List of US National Security Threats

/in


Amid rising concerns about China’s growing international data collection apparatus, a newly divided US Congress is applying fresh scrutiny to the possibility that imported Chinese technology could be a Trojan horse.

In a letter to the US National Highway Traffic Safety Administration, shared exclusively with WIRED, Representative August Pfluger asks some tough questions as to whether Washington is really prepared for the security threat posed by the coming influx of Chinese-made smart and autonomous vehicles (AVs) to the United States.

 “I remain concerned that a lack of US oversight in AV technology has opened the door for a foreign nation to spy on American soil, as Chinese companies potentially transfer critical data to the People’s Republic of China,” Pfluger writes.

While AV technology may be some years away from widespread commercial use, pilot projects are already on the roads around the world. As of earlier this year, more than 1,000 AutoX autonomous taxis were on the roads in California. AutoX, a Chinese startup backed by one of the largest state-owned car companies in the communist country, was granted approval by California in 2020.

As American regulators have green-lit those test projects, Pfluger writes, “there remains a serious lack of oversight regarding their data governance.”

Earlier this year, WIRED reported on the mounting national security issues posed by Chinese-made vehicles. The massive trove of data being collected by these cars could give adversarial states an unprecedented vantage point into the United States and other Western nations. Beijing has already pioneered the use of big-data analytics to identify dissidents at home, and concerns have mounted that those tactics could be deployed abroad.

Pfluger submitted a detailed list of questions to the National Highway Traffic Safety Administration (NHTSA), which regulates the use of AVs, and asked the regulator to explain how it has vetted the national security risk posed by these Chinese companies.

“Has NHTSA worked independently, or in collaboration with cities or other local governments to limit or prevent Chinese-owned companies from collecting sensitive information from American…

Source…