Basically, Every Car Is Now Vulnerable To Hacking

August 20, 2015

The auto world has been thinking a lot about hacking lately. For years, it wasn't much of a concern, but now that many new cars are connected to telematics networks like Uconnect and OnStar and to cellular networks via dongles attached to their onboard diagnostics ports, our rides are becoming increasingly vulnerable.

READ: 2016 Toyota Tacoma: First Drive

As proof, consider recent stories about Volkswagen (including Audi and Porsche), BMW, and Mercedes-Benz. We have a feeling that this is just the tip of the proverbial iceberg.

CHIPS ARE DOWN AT VOLKSWAGEN

Volkswagen's story is perhaps the more troubling, and it's definitely the harder to repair. That may explain why the automaker spent two years trying to hide the information from the public. 

VW's vulnerability is rooted in radio-frequency identification (RFID) chips manufactured by Megamos Crypto. Those chips help keep VW vehicles locked up tight and prevent them from starting without the proper key fob.

Unfortunately, at least one team of researchers has broken Megamos' cryptographic system, making it possible to carry out brute force attacks on vehicles equipped with the chips. Brute force attacks are basically automated trial-and error attempts to break through security walls. They can take time, sifting through all the possible combinations of "passwords", but eventually, they find a way through.

How much time do they need? Researchers Roel Verdult, Baris Ege, and Flavio Garcia rammed through one of Megamos' chip systems in about 30 minutes.

On the upside, that's a long time for just one break-in. For most thieves, the return isn't worth that kind of effort or risk.

CHECK OUT: Would You Buy A Chinese-Made Car? Buick May Want To Know

On the downside, plenty of luxury vehicles like Bentleys and Lamborghinis use Megamos RFID chips, and those cars are often targeted by car thieves looking to steal very specific vehicles. In such cases, 30 minutes is nothing, given the cash that thieves can score in exchange for a boosted ride.

Also on the downside: Megamos chips are found in plenty of other cars, too, including some made by Fiat Chrysler and Honda.

But the biggest problem of all is that fixing these systems isn't just a matter of rewriting a few lines of code and sending out an over-the-air update. The chips themselves and the transponders with which they communicate have to be removed and replaced, which is time-consuming and costly.

Volkswagen was told about the problem in 2013 and sued the researchers to keep their findings out of public view. The group has been negotiating with VW for the past two years to publish their work. They're sharing it this week at a conference in Washington, D.C., with one key sentence redacted.

APPS GO AWRY FOR BMW, BENZ

The problem with BMW and Mercedes-Benz vehicles is just as dangerous -- maybe even more so -- but it's easier to fix.

It was identified by Samy Kamkar -- the same Samy Kamkar who found the hole in OnStar's RemoteLink app (which has since been patched). That vulnerability could be exploited to give ne'er-do-wells with the right equipment access to a range of GM vehicles, allowing thieves to start, stop, and open the cars.

On a hunch that similar problems might affect apps from other automakers, Kamkar carried out tests on BMW’s Remote app and the Mercedes-Benz mbrace app using his homemade "OwnStar" hacking tool. To no one's surprise, he discovered that he could grab app users' login information and gain some degree of control over their vehicles. He found similar problems in the Chrysler Uconnect app and the Viper Smartstart app. As Wired's Andy Greenberg reports:

2017
The Car Connection
See the nominees and vote »
2017
The Car Connection
Best Car to Buy
Coming Soon
 
The Car Connection Daily Headlines
I agree to receive emails from the site. I can withdraw my consent at any time by unsubscribing.
Thank you! Please check your email for confirmation.
Ratings and Reviews
Rate and review your car for The Car Connection
Review your car