Reading Time: ~ 3 min.

An unfortunate reality of all smart devices is that, the smarter they get, and the more integrated into our lives they become, the more devastating a security breach can be. Smart cars are no exception. On the contrary, they come with their own specific set of vulnerabilities. Following high-profile incidents like the infamous Jeep hack, it’s more important than ever that smart car owners familiarize themselves with their inherent vulnerabilities. It may even save lives.

Want smart device shopping tips? Make sure your security isn’t sacrificed for convenience.

Smart Car
Vulnerabilities

At a recent hacking competition, two competitors were able
to exploit a flaw in the Tesla Model 3 browser system and compromise
the car’s firmware. While the reported “Tesla hack” made waves in the industry,
it actually isn’t even one of the most common vulnerabilities smart car owners
should look out for. These, easier to exploit, vulnerabilities may be more
relevant to the average owner.

Car alarms, particularly aftermarket car alarms, are
one of the largest culprits in smart car security breaches. A recent study
found that at least three million vehicles are currently at risk
due to insecure smart alarms. By exploiting insecure direct object reference
(IDORS) issues within the alarm’s software, hackers can track the vehicle’s GPS
location, disable the alarm, unlock doors, and in some cases even kill the
engine while it is being used.

Key fobs are often used by hackers to gain physical
access to a vehicle. By using a relay attack, criminals are able to capture a
key fob’s specific signal with an RFID receiver and use it to unlock the car.
This high-tech version of a duplicate key comes with a decidedly low-tech
solution: Covering your key fob in aluminum foil will prevent the signal from
being skimmed.

On-Board diagnostic ports are legally required for all vehicles manufactured after 1996 in the United States. Traditionally used by mechanics, the on-board diagnostics-II (OBD-II) port allows direct communication with your vehicle’s computer. Because the OBD-II port bypasses all security measures to provide direct access to the vehicle’s computer for maintenance, it provides particularly tempting backdoor access for hackers.

Protecting Your
Smart Car from a Cybersecurity Breach

Precautions should always be taken after buying a new smart
device, and a smart car is no exception. Here are the best ways to protect your
family from a smart car hack.

Update your car’s firmware and keep it that way. Do
not skip an update because you don’t think it’s important or it will take too
much time. Car manufacturers are constantly testing and updating vehicle
software systems to keep their customers safe—and their brand name out of the
news. Signing up for vehicle manufacturer recalls and software patches will
help you stay on top of these updates.

Disable unused smart services. Any and all of your
car’s connectivity ports that you do not use should be turned off, if not
altogether disabled. This means that if you don’t use your car’s Bluetooth
connectivity, deactivate it. Removing
these access points
will make your car less exposed to hacks.

Don’t be a beta tester. We all want the newest and
hottest technologies, but that doesn’t keep us at our most secure. Make sure
that you’re purchasing a vehicle with technology that has been field tested for
a few years, allowing time for any vulnerabilities to be exposed. Cutting-edge
technologies are good. But bleeding edge? Not so much.

Ask questions when buying your vehicle and
don’t be afraid to get technical. Ask the dealer or manufacturer which systems
can be operated remotely, which features are networked together, and how those
gateways are secured. If you’re not comfortable with the answers, take your
money elsewhere.

Advocate for your security. As smart cars become so
smart that they begin to drive themselves, consumers must demand that
manufacturers provide better security for autonomous and semi-autonomous
vehicles.

Only use a trusted mechanic and be mindful of who you
grant access to your car. OBD-II ports are vulnerable but necessary, so
skipping the valet may save you a costly automotive headache down the line.

Keep the Conversation
Going

As our cars get smarter, their vulnerabilities will change.
Check back here to keep yourself
updated on the newest trends in smart car technologies, and stay ahead of any potential
threats.


The post Keeping Your Vehicle Secure Against Smart Car Hacks appeared first on Webroot Blog.