FBI Warns of Vehicle Hacking

1 of 2

FBI Warns of Vehicle Hacking

The US Federal Bureau of Investigation issued a warning about the vulnerability of smart cars to hacking
attacks, stressing that manufacturers should carefully integrate new on-board systems that could allow
attackers to remotely control critical vehicle functions.

Vehicle hacking occurs when someone with a

computer seeks to gain unauthorized access to
vehicle systems for the purposes of retrieving driver
data or manipulating vehicle functionality, reads the
FBI advisory, issued in collaboration with the National
Highway Traffic Safety Administration. While not all
hacking incidents may result in a risk to safety such
as an attacker taking control of a vehicle it is
important that consumers take appropriate steps to
minimize risk. Therefore, the FBI and NHTSA are
warning the general public and manufacturers of

vehicles, vehicle components, and aftermarket devices to maintain awareness of potential issues and
cybersecurity threats related to connected vehicle technologies in modern vehicles.

The FBI bases its warning on past successful hacks on various cars that featured inter-connected and internetconnected systems. The hackers gained remote control over critical systems, such as disabling breaks, shutting
down engines, tampering with steering, and even tampering with door locks and turn signals at high speeds.

Warning consumers to update their vehicles firmware whenever manufacturers make updates available, the FBI
also urged caution when using third-party devices that connect to in-vehicle systems.

While manufacturers attempt to limit the interaction between vehicle systems, wireless communications, and
diagnostic ports, these new connections to the vehicle architecture provide portals through which adversaries may
be able to remotely attack the vehicle controls and systems, warns the advisory. Third-party devices connected to
the vehicle, for example through the diagnostics port, could also introduce vulnerabilities by providing connectivity
where it did not exist previously.

Consumers who already own such vehicles are also encouraged to take minimum security precautions by adhering
to the following checklist:

Verify any recall notices received by following the steps for determining whether a vehicle has been recalled for

a vehicle cyber security issue, as outlined above.

Check on the vehicle manufacturers Web site to identify whether it has issued any software updates.
Avoid downloading software from third-party Web sites or file-sharing platforms.
Where necessary, only use a trusted USB or SD card storage device when downloading and installing software
to a vehicle.
Check with the vehicle dealer or manufacturer about performing vehicle software updates.

umbleUpon
it