Ever growing use of software and wireless technology in modern cars exposes users to unknown risks to personal safety while driving, according to security technology company McAfee.
In a new report on emerging risks in automotive system security, McAfee said that researchers have already demonstrated potential attacks on running cars such as opening doors and starting car engines by using text messages. The risk of losing control and privacy increases if hackers gain access to the cars physically, but malicious hacking could target drivers remotely as well, said the report.
The report said that "researchers have showed that an attack can be mounted to track a vehicle and compromise passengers’ privacy by tracking the RFID tags using powerful long-distance readers at around 40 meters."
The report, ‘Caution: Malware Ahead’, published in conjunction with Wind River and ESCRYPT, examines the security of electrical systems that have become commonplace in today’s cars.
Modern cars have become ever more reliant on wireless systems such as Bluetooth and software to function. McAfee said that software is embedded in several car parts now including airbags, power seats, anti-lock braking systems, electronic stability controls, autonomous cruise controls, communication systems and in-vehicle communication.
McAfee senior vice-president and general manager Stuart McClure said as more and more functions get embedded in the digital technology of automobiles, the threat of attack and malicious manipulation increases.
McClure added, "Many examples of research-based hacks show the potential threats and depth of compromise that expose the consumer. It’s one thing to have your email or laptop compromised but having your car hacked could translate to dire risks to your personal safety."
The automobile industry is continually adding features and technologies that deliver new conveniences such as Internet access and the ability to further personalise the driving experience. However, in the rush to add features, security has often been an afterthought, the report said.
The report studies risks associated with cybercriminal activity in modern cars including: remotely unlocking and starting a car via cell phone; disabling a car remotely; tracking a driver’s location, activities and routines; stealing personal data from a Bluetooth system; disrupting navigation systems; and disabling emergency assistance.
Wind Riversenior director Georg Doll said, "The auto industry is experiencing a convergence of consumer and automotive electronics. Consumers are increasingly expecting the same experiences in-vehicle as they do with the latest connected consumer and mobile devices. However, as the trend for ubiquitous connectivity grows, so does the potential for security vulnerabilities."
