Your TV can be hacked!
This is from the Norton by Symantec newsletter this week:
Vehicle disablement. After a disgruntled former employee took over a Web-based vehicle-immobilization system at an Austin, Texas, car sales center, more than 100 drivers found their vehicles had been disabled or their horns were honking out of control.
Tire pressure system hacking. Researchers from the University of South Carolina and Rutgers University were able to hack into tire pressure monitoring systems. Using readily available equipment and free software, the researchers triggered warning lights and remotely tracked a vehicle through its unique monitoring system.
Disabling brakes. Researchers at the University of Washington and University of San Diego created a program that would hack into onboard computers to disable brakes and stop the engine. The researchers connected to onboard computers through ports for the cars’ diagnostic system.
Is your car at risk?
The potential for car hacking is real, although there may not be a financial incentive for hackers to focus on autos just yet, say the experts. “All the malware attacks consumers are faced with every day have financial motives behind them,” says Ryan Smith, a principal researcher with Accuvant Labs who finds vulnerabilities in computer systems.
Most of the danger right now may come from hackers who want to demonstrate their prowess and enhance their reputations, says Tarnutzer. And the increased reliance on wireless systems -- such as the tire pressure monitoring system -- makes your car more vulnerable to these attacks, says John Bambene, a security researcher with the Internet Storm Center, the global cooperative community that monitors cyberthreats.
Protect your car from hacking
Security is largely in the hands of auto manufacturers, who are working to address concerns. In the meantime, you can take these steps to protect your vehicle:
Ask about wireless systems. Familiarize yourself with the wireless systems if you’re purchasing a new car, advises Bambenek. For a car you already own, you can review your manual or check online. Find out if any of the systems can be operated remotely.
Ask about remote shutdown. If you’re financing through the company from which you purchased the vehicle, ask about remote shutdown related to repossession. Make sure the seller has security measures in place that control access to the system.
Go to reputable dealers and repair shops. It’s possible for unscrupulous garages to manipulate your car’s computer systems, making it appear you need repairs that aren’t actually warranted. Don’t cut corners when it comes to choosing a dealer or repair shop.
Protect your information. Of course, locking your car is always wise. And if you use OnStar -- the GM-owned auto security and information service -- make sure you don’t leave OnStar-related documents or your password in the car, says John Luludis, president and co-founder of Superior Tech Solutions, an IT provider, and a former car industry tech executive. Since OnStar can remotely shut off your engine if you report the vehicle stolen, there’s the potential for mischief if your password falls in the wrong hands.
Be cautious about after-market devices. After-market car systems may not be as rigorously tested or designed, opening you to vulnerabilities, says Tarnutzer.
Luludis compares the use of computers in cars to the development in our use of personal computers. Hacking exploded when the Internet evolved, making it easy to access computers via networks. Wireless connections mean your car is no longer a closed system. “Once you have connection to vehicles, you have an entry point for people to try to access,” says Luludis. “The only thing standing in their way now is a standardized piece of software. It’s a concern we need to address.”
|