Cars are becoming increasingly smart and an extension to our mobile phones. How is this impacting users’ security and privacy?
With the expansion of our technology in use, our vulnerability surface increases dramatically. Ultimately, this is yet another vulnerability to keep in mind for your own safety and security. As we grow in our technology and dependence thereon, that inherently expands the opportunity for bad actors to take advantage of the dependence. The difference with car vulnerability, however, is you’re not just talking about your personal data being compromised, but rather the influence over your car while driving could affect your immediate physical safety.
In terms of privacy, the onboard computers of used, rented, or crashed/totaled vehicles can contain sensitive residual data from previous drivers such as contact and calendar details, unencrypted videos, and more.
What are the biggest vulnerabilities of today’s modern cars?
The lack of one single “gate keeper” is a substantial issue when it comes to modern car vulnerability. The patchwork of various technologies being meshed together for the overall car means not only is there not one single overseer of that technology but also that protocols are set without security in mind because they need to be able to easily communicate with each other.
In addition, we see the same vulnerabilities that you have with your phones and computers: protocol vulnerability. The difference is what the bad actors could have access to: electronic control units (ECUs) which all communicate to access and control the subsystems in a car such as your braking or navigation system. Not only could the hacker access the vehicle information resulting in influence on the car such as the alert systems within the vehicle, but could also access personal information such as home addresses or phone IPs.
What are the techniques hackers could use to compromise a car?
Hacking Connected Cars: Tactics, Techniques, and Procedures