Matthew Broderick & Ally Sheedy in the 1983 hacking classic WAR GAMESEnlarge Photo
Worried about your car being hacked? The Federal Bureau of Investigation and the National Highway Traffic Safety Administration are, too, and they've published some handy tips to keep you and your ride safe.
A changing world
Not so long ago, hacking cars was an unfeasible endeavor--or at least, very, very cumbersome. Remember back in 2013 when a couple of guys hacked a Toyota Prius, but had to be in the car, with wires running to the dashboard, to wreak havoc on it? It wasn't what most of us would consider a threat.
By last summer, however, things had changed dramatically. Hackers had found ways to hijack dongles plugged into onboard diagnostics ports, auto-related smartphone apps, and most importantly, telematics networks like Uconnect and OnStar.
Over time, these vulnerabilities will multiply. As our cars become increasingly autonomous, they're likely to begin talking to one another, and in doing so, they'll create networks. Networks are the playground of hackers because with the right code, ne'er-do-wells can affect dozens, hundreds, or thousands of vehicles at once, maximizing their returns.
Hackers' targets can vary, depending on their goals, but most work via the computers that reside in our cars and control various functions. The FBI explains:
"Motor vehicles contain an increasing number of computers in the form of electronic control units (ECUs). These ECUs control numerous vehicle functions from steering, braking, and acceleration, to the lights and windshield wipers. A wide range of vehicle components also have wireless capability: from keyless entry, ignition control, and tire pressure monitoring, to diagnostic, navigation, and entertainment systems. While manufacturers attempt to limit the interaction between vehicle systems, wireless communications, and diagnostic ports, these new connections to the vehicle architecture provide portals through which adversaries may be able to remotely attack the vehicle controls and systems. Third-party devices connected to the vehicle, for example through the diagnostics port, could also introduce vulnerabilities by providing connectivity where it did not exist previously."
What can you do?
The chances that you'll be a victim of hacking in the near future are relatively remote--especially if you own an older vehicle that's not connected to a telematics network or accessible via an app. Over time, though, the odds will increase, so the FBI and NHTSA want drivers to start developing good habits now. Their suggestions include:
1. Ensure that your car's software is up to date: Every couple of weeks, we seem to learn about vulnerabilities in the apps and other programs that reside on our laptops, tablets,and smartphones. Software engineers tidy up that code, remove the loopholes, and push out updates to keep us and our data safe. The same practices should be used in cars--though it's recommended that owners verify the authenticity of the software they're downloading and avoid getting it via any website or service that's not run by the automobile manufacturer.
2. Don't hack your own software: It might be tempting to root a tablet or jailbreak a smartphone, but doing so to cars could be especially dangerous and put lives at stake.
3. Pay attention to what's plugged into your car: Between diagnostic, USB, and other ports, there are multiple ways to access our vehicles via third-party devices. Be choosy about what you plug in, lest you open doors to bad guys and gals.
4. Know who has access to your vehicle: Obviously, if a hacker can get into your car, he or she can create all sorts of problems by without your knowledge. In much the same way that you lock your computer and your smartphone, take steps to restrict physical access to your car.
For more on this, check out the full statement from the FBI and NHTSA. You'll find additional information about keeping your car safe, and details about what to do if you think you've been the target of a hacking attempt.