The sophistication of the computers installed in cars may expose them to the risk of an attack in cyberspace
If it is not enough for us to fear hackers breaking into the laptop or cell phone, in the near future, our car may also be exposed to computer hacking. With each new model year, the cars become more computerized and sophisticated, with the familiar mechanical devices gradually giving way to a sophisticated system of computers linked both to each other and to the Internet. In early 2011, a group of researchers proved that a hacker could use a cell phone to open the car doors and start it remotely, then get behind the wheel and drive away. In a study presented in March of this year to a committee of the National Academies of the United States, Stephen Savage, a professor of computer science at the University of California, San Diego, and Tadashio Kuno of the University of Washington injected malicious software into the computer system of a certain model car, using the wireless Bluetooth links and the cell phone line of This system itself. It turns out that the software can be used to take over the car's computer system, including its engine. The study "teaches the need for security measures in the computer networks installed in vehicles," says Olaf Heniger, a researcher at the Fraunhofer Institute for Information Security Technology in Germany.
Credit: quinn.anya Flickr
Heniger and his colleagues are working to develop just such security measures. Heniger is a member of EVITA, a venture launched in 2008 with the help of the BMW Group, Fujisto and others with the goal of developing a prototype security system that automakers could adopt to build more secure computer networks for their cars. As part of the project, which is expected to be successfully completed at the end of 2011, prototypes have already been developed designed to encrypt or verify data transmitted within the computer system installed in the car, between it and other cars and between it and equipment installed on the road.
It is not yet clear whether car manufacturers will be willing to invest in increased security, says Anap Ghosh from the Center for Secure Information Systems at George Mason University in Virginia. Many car manufacturers claim that their cars are already sufficiently secure. Ford cars are equipped with built-in "firewall" software designed to protect its SYNC system from network attacks and cut off the car's control network and the information and entertainment network installed in it, says Rich Strader, who heads the company's information technology security system and strategic activity in the field It. General Motors says its mobile app does not communicate directly with the car, but instead connects to the OnStar security and communication network, which requires identity verification.
The study does not claim that cars have suddenly become vulnerable to cyber attacks. Savage, Kuno and their colleagues simply report the results of the experiments they conducted over several years. However, it seems that the never-ending mind game between hackers and security experts is now playing out in another, new arena.
