Researchers took more than a decade to get around the security features of the car.
Automakers are preparing for connected cars, where more cars will have an internet connection than ever before. These cars will be able receive software updates and communicate with other vehicles and the infrastructure. This should make driving safer. However, an internet connection can pose security risks and be dangerous for cars. Mercedes last year announced that it had fixed 19 security issues in its vehicles. A new report details these risks.
TechCrunch states that Minrui Yan from Sky-Go’s security team gave the breakdown during this year’s Black Hat security conference. Researchers were able to take control of the vehicle’s Mercedes E-Class through 19 vulnerabilities. To exploit security risks, researchers created an attack chain and gained access to the vehicle’s TCU (telematics control unit). The group could execute vehicle commands such as opening doors and starting engines.
Sky-Go was unable to gain access to the vehicle’s security, which could have serious consequences. They had to do more than a year’s research to gain control of the vehicle. The team then had to take down the embedded SIM card. According to TechCrunch researchers, the vehicle was protected against multiple attacks and had strong security.
But, vulnerabilities can still be found in any internet-connected device. A teenager gained control of several high-profile Twitter accounts just this month. While it’s unlikely that your local criminal will do a year of research in order to hack a car or make any other cybercriminals, criminal organizations and governments might. Automakers will continue to pack more software and technology into cars, connecting them with the internet. The data they collect and the vehicles they control becomes valuable. People will try to take advantage of this. It sounds awfully like hacking a car can be a hassle.