View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
January 25, 2018updated 08 Jul 2022 4:12am

How to hack a connected car

Are you aware of the threats facing connected and autonomous vehicles? Manufacturers must put robust security in place to maintain safety.

By Tom Ball

The connected car or autonomous vehicle is the kind of fantasy image we are all likely to conjure up if we were asked to think of what lies up ahead in the future. The truth is, many vehicles are already deeply connected and autonomous vehicles are well on their way.

For instance, Ford Motor Co. has forecast that it will be offering fully driverless vehicles to the public by 2025. Ford has even entered into partnerships with the likes of Dominos to work on the disruption of pizza delivery.

While the world is awash with talk and big ideas regarding this next potentially transformational phase in driving, there are still major hurdles these projects must jump before there could be any consideration for the large scale integration of this technology onto roads in the real world.

One such hurdle is the question of cybersecurity and it is not hard to see why. Hackers are posing an ever increasing threat based on their ability to take control of IoT devices, so with the network connectivity required by an autonomous vehicle they too could be a target. Unlike with your connected hoover, a hacked connected car could pose a major risk to human life, making it a central focus area.

Because of the importance of this factor in the future of driving technology, we are setting out to help you discover just how a hacker might go about breaching the cyber defences of a connected vehicle.

By leveraging production line vulnerabilities

Attackers can leverage vulnerabilities in autonomous vehicle components before they have even left the factory in one finished piece. This is a critical stage in which security has to be tight, or else hackers can find loopholes in the complex supply chains and infiltrate.

The complexity of connected and selfdriving vehicle software is on the one hand a field day for hackers and a big challenge for manufacturers. Given that security cannot be guaranteed by anyone in the world at the present moment, a sensitive, still nascent technology is the promise land for malicious threat actors.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester
Cybercrime statistics: Hackers still having an ‘online fraud frenzy’
Alphabet writes itself into the cybersecurity Chronicle with new business
Online biometric payments brought to Europe by Mastercard

Combatting hackers at this vulnerable entry point for example is BlackBerry. The once leading smartphone maker has turned its hand to security, now looking to provide its Jarvis software for autonomous vehicle security. The company has specified the suitability of its technology to provide robust defence from this vulnerable point onwards.

By fooling the internal network

The internal network is the nerve centre of connected vehicles including selfdriving cars, making it an area that the many manufacturers looking to move into connected and autonomous vehicles must protect most heavily to defend against agile hackers.

This method of hacking a car is no mere theory because it has already been done in practice at the 2016 Black Hat conference. Charlie Miller and Chris Valasek were able to intercept vital correct messages being sent to a Jeep Cherokee’s internal network by sending false ones. This allowed the demonstrating hackers to cause the car to turn violently, speed up and brake.

Some other top ways a connected car could be hacked include buffer overflows, coding logic errors, hardcoded credentials, backdoors and information disclosures.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.