According to research organization NCC Group, cars and motor vehicles are being put at risk due to lapse security on infotainment systems. These are devices fitted to a car to provide information and entertainment, such as radios, navigation systems, and computers.
The problems mean that it is possible for hackers to gain access to vehicle’s more important controls by exploiting these systems according to NCC Group research director Andy Davis. Using cheap store bought materials it was possible for Davis to construct a digital radio broadcaster, which could send code to the car and allow him to take over the cars steering, throttle and brakes.
He explained the hack could affect multiple vehicles a once; “As this is a broadcast medium, if you had a vulnerability within a certain infotainment system in a certain manufacturer’s vehicle, by sending one stream of data, you could attack many cars simultaneously.” Davis added, “[An attacker] would probably choose a common radio station to broadcast over the top of to make sure they reached the maximum number of target vehicles.”
Fortunately, Davis went on to state that the hack would be beyond the skills and resources of most criminals. This means that it shouldn’t put too many motorists at risk, although he still urges all manufacturers to improve security and ensure that their vehicles are not susceptible to such attacks.
Earlier in the week, two hackers called Chris Valasek and Charlie Miller demonstrated to Wired how it was possible to take control of Jeep Cherokee by exploiting vulnerabilities in the radio and satellite navigation system. Using an internet connection, it was possible for the pair to take control of various systems in the vehicle with just a laptop computer.
The problems mean that it is possible for hackers to gain access to vehicle’s more important controls by exploiting these systems according to NCC Group research director Andy Davis. Using cheap store bought materials it was possible for Davis to construct a digital radio broadcaster, which could send code to the car and allow him to take over the cars steering, throttle and brakes.
He explained the hack could affect multiple vehicles a once; “As this is a broadcast medium, if you had a vulnerability within a certain infotainment system in a certain manufacturer’s vehicle, by sending one stream of data, you could attack many cars simultaneously.” Davis added, “[An attacker] would probably choose a common radio station to broadcast over the top of to make sure they reached the maximum number of target vehicles.”
Fortunately, Davis went on to state that the hack would be beyond the skills and resources of most criminals. This means that it shouldn’t put too many motorists at risk, although he still urges all manufacturers to improve security and ensure that their vehicles are not susceptible to such attacks.
Earlier in the week, two hackers called Chris Valasek and Charlie Miller demonstrated to Wired how it was possible to take control of Jeep Cherokee by exploiting vulnerabilities in the radio and satellite navigation system. Using an internet connection, it was possible for the pair to take control of various systems in the vehicle with just a laptop computer.