Connected Cars, Smart Homes Remain Targets 

The European Union Agency for Cybersecurity (ENISA) released a smart car safety report detailing how connected cars expand the potential of cyberattacks. Several years ago, IOActive researchers (among others) proved that it’s possible to compromise autonomous vehicle systems, which led to millions of recalls.

The more developers add connectivity and IoT integration to smart cars, the more vulnerable smart cars become to hackers. For instance, most modern cars contain around 50 IoT devices, each one increasing the risk. If a hacker breaches someone’s smart car, they can gain access to the person’s entire smart home system, too (which includes their phone).

Voice command technology also increases vulnerability—leaving voice command-enabled smart home and smart car systems at even greater risk.

How Hackers Infiltrate Smart Cars

Smart cars rely heavily on computer systems, so hacking into an unsecured smart vehicle system is akin to hacking into a standard IoT device. Hackers use the smart car’s infotainment system via diagnostic services to take control of the car’s functions or gain insight into passwords, voice controls and more.

Through this method, hackers can do a lot of damage:

  • Cut the engine.
  • Enable or disable the immobilizer.
  • Initiate or disable brakes.
  • Change passwords.
  • Disable airbags.

Smart speaker software such as the Amazon Alexa also gives hackers access to the car’s control center through the smart speaker’s diagnostic capabilities. Amazon’s Alexa automatically stores audio files so it can continually improve its reaction time and accuracy. Hackers take advantage by commanding Alexa to share or provide sensitive information.

Smart cars’ Uconnect infotainment systems, which allow drivers to connect their car to their phones, provide a loophole for hackers as well. Hackers gain initial access to the vehicle’s system through the smart car app each smart car owner downloads on their phone. Hackers figured out that each app shared the same default password, so by testing millions of usernames, hackers were able to gain access.

No smart car is off-limits either. Tesla, for example, stores and saves GPS and other personal data between owners. Even when a Tesla is taken in for a repair or is auctioned off to a new owner, the previous owner’s data still lives in the vehicle’s system.

Why You Should Be Worried

According to the ENISA, this will mean the possibility of vehicle immobilization and more car accidents. If people are in their car while it’s hacked, they could become stranded and locked inside.

Beyond physical safety, people are also at risk of having their personal and financial information stolen. Just as a hacker can learn passwords, Social Security numbers and other sensitive information from hacking a smart speaker, hackers can do the same by hacking a connected car.

Automakers and connected vehicle service vendors are doing more to beef up the cybersecurity of connected cars, which primarily involves new security measures at the beginning of the manufacturing process. Toyota even released a testing platform so its customers can test how vulnerable a smart car is to hacking themselves.

Despite these updates, it’s expected that these vulnerabilities in the back end of vehicle systems will still exist—at least for the near future.

The Risk Between Smart Cars and Smart Homes

In the end, the more advanced machine learning and artificial intelligence we integrate into our lives, the greater the risk of cyberthreats.

You can’t be sure your smart car is safe unless you know your entire smart home hub is secure—and vice versa. If a hacker can hack into your smart car, they’ll likely be able to gain access to your smart garage controls and your home’s smart locks.

Smart tech that’s helpful to homeowners is helpful to hackers as well. Smart garages, for instance, signals owners via a mobile app when their garage is closed or open, so they know who’s going in and out throughout the day. If hackers gain access to the connected app, they can use the info to learn peoples’ schedules and gain access to the home.

It’s up to automakers to get ahead of hackers and make the entire ecosystem of smart cars and smart homes more secure. Only then should consumers feel confident about the protection of their personal data and safety.

Featured eBook
The State of Cloud Native Security 2020

The State of Cloud Native Security 2020

The first annual State of Cloud Native Security report examines the practices, tools and technologies innovative companies are using to manage cloud environments and drive cloud native development. Based on a survey of 3,000 cloud architecture, InfoSec and DevOps professionals across five countries, the report surfaces insights from a proprietary set of well-analyzed data. This ... Read More
Palo Alto Networks

Alicia Betancourt

Alicia Betancourt is a freelance writer who happens to have seen the mountain west’s silicon slopes grow. That may have had something to do with her leaning for all things smart home, lifestyle tech and cyber security.

alicia-betancourt has 1 posts and counting.See all posts by alicia-betancourt