Hotwiring cars could soon become just a quaint feature of period crime thrillers, as researchers have devised ways of hacking into a vehicle owner’s smartphone car key app. Because Hyundai’s Blue Link app (which is available on iOS and Android) was storing key user data in clear-text format, hackers could – until recently – access sensitive data and even locate, unlock and start connected vehicles. The carmaker has taken steps to eradicate this glitch, which in any case would have been impractical to exploit on a large scale.
There’s no room for complacency, however. In 2015, Fiat Chrysler had to recall 1.4 million Jeep Cherokees that were vulnerable to hacking. Talk about a pricey mistake – that recall incident was of monstrous proportions. And researchers aren’t giving up on the concept of car hacking either. A Chinese team has come up with a cheap and easy gadget that replicates the signal from a wireless car key fob to open the doors on several different car models – and their kit cost them less than $50 to create.
There are several ways to foil potential carjacks – one of which, coincidentally, is to wrap the key in foil – or alternatively in a Faraday bag that blocks transmissions. Car manufactures could also prevent relay attacks by requiring tighter timing constraints in the call-and-response communications between key and car, which would at least prevent longer distance hacks. The bottom line is this – the smarter our cars get, the more vulnerable they become to hacking. And unfortunately, carmakers are currently still very much trailing behind the cybersecurity standards experts are calling for.
For more on the recent cheap car-stealing kit: https://www.wired.com/2017/04/just-pair-11-radio-gadgets-can-steal-car/