Connect with us

Hi, what are you looking for?

The American GeniusThe American Genius

Tech News

Could hackers *really* take over your car?

(Tech News) Technology is constantly evolving and making our lives easier. As with anything, it comes with a risk. Could hackers potentially take over your car?

car hackers

car hackers

Can your car be hacked?

We all know you need to protect your computer against hackers, but what about other devices linked to wireless technology? We seldom think about the risks our cars pose; from OnStar to Sirius, our cars are doing more than just getting us from point A to B. As technology evolves, so should the appropriate security measures. This issue was recently addressed in regards to Zubie.

Zubie is a small box that plugs into your car’s On-Board Diagnostics (ODBII) port. By plugging in to your car, Zubie can tell you how well you’re driving and help you save money by offering tips on how to get the most out of your mileage. Sounds like a neat tool, but until recent, Zubie lacked security measures they desperately needed to prevent a user’s car from being hijacked.

Unit 8200, an elite Israeli Defense Force, discovered the security risk which would allow hijackers to interfere with critical system operations like braking, steering, and engine controls. Zubie connects to a remote server over a GPRS connection, which is used to aggregate data and then send it to a central server.

This is also used to receive security updates. Unit 8200 discovered that the device was not communicating with the home server over an encrypted connection. As a result, it was possible to spoof the Zubie central server and send some specially crafted malware to the device, which could result in a lose of control for the driver, as well as a host of other problems.

The security risk does not apply solely to the Zubie, however

In 2013, Charlie Miller and Chris Valasek demonstrated an attack where they compromised a Ford Escape and Toyota Prius and managed to take control of the braking and steering facilities. However, it had to be plugged into the vehicle. Which makes one wonder, if it was possible to accomplish the same thing, but without being physically tethered to the car.

Advertisement. Scroll to continue reading.

That question was conclusively answered one year later, when Miller and Valasek conducted an even more detailed study on the security of 24 different models of cars. This time around, they were focusing on the capacity for an attacker to conduct a remote attack. Their 93-page report suggested that our cars weren’t as secure as once thought, with many lacking the most rudimentary cyber-security protections.

The Zubie vulnerability is a bit trickier. Although the vulnerability has since been patched, the weakness wasn’t about the car, but rather the third-party device that was attached to it. While some cars certainly have their own intrinsic vulnerability, adding third-party extras only increases the potential for hijacking.

With everything comes risk, so your car should be no different. If you take one thing away from this, let it be to take extra caution before adding the “latest and greatest” new toy to your car; simply make sure there is security software in place so that you can stay safe while enjoying the latest technology.

Advertisement. Scroll to continue reading.

Jennifer Walpole is a Senior Staff Writer at The American Genius and holds a Master's degree in English from the University of Oklahoma. She is a science fiction fanatic and enjoys writing way more than she should. She dreams of being a screenwriter and seeing her work on the big screen in Hollywood one day.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *


American Genius
news neatly in your inbox

Subscribe to our mailing list for news sent straight to your email inbox.



Social Media

Due to a sophisticated pre-holiday attack on small businesses on Meta platforms, some owners are left in the dark.

Business News

(BUSINESS) Governments are beefing up their cybersecurity in the midst of Russian cyberattacks. What does this mean for the US's hacking red lines?

Business News

(BUSINESS NEWS) Ticketmaster has agreed to pay $10 million to resolve criminal charges after hacking into a competitor’s network specifically to sabotage.

Tech News

(TECHNOLOGY) Phishero is a tool which tests your organization’s resistance to phishing attacks. Pro tip: Most companies aren't ready.

The American Genius is a strong news voice in the entrepreneur and tech world, offering meaningful, concise insight into emerging technologies, the digital economy, best practices, and a shifting business culture. We refuse to publish fluff, and our readers rely on us for inspiring action. Copyright © 2005-2022, The American Genius, LLC.