INTEL-OWNED SECURITY FIRM McAfee has warned of security flaws in common car computer and electrical systems that could cause significant risk to drivers or their vehicles.
The findings were revealed in a report entitled "Caution: Malware Ahead", which was written by McAfee, Wind River, and Escrypt. It examines the security holes in airbag systems, radios, power seats, anti-lock braking system, electronic stability controls, autonomous cruise controls, communication systems and in-vehicle communication, exposing some worrying dangers.
McAfee found that hackers could remotely unlock and start a car from a mobile phone, disable a car remotely, track a driver's location, activities and routines, steal personal data from a Bluetooth system, disrupt navigation systems and disable emergency assistance.
The automobile industry is adding more technological features all the time, enhancing the driving experience, but it seems that the security of these features is being ignored. Just as the rise of smartphones and tablets has led to malware appearing on those devices, we can expect the same for car computer systems as they become more popular and widespread.
The problem with car computer systems has already begun showing itself in general software bugs, such as Honda's recent decision to recall one million cars after it discovered the wheels could turn back and forth at random, not to mention a similar software issue that affected 2.4 million cars the month before. If these bugs were to be exploited by hackers the danger could be catastrophic.
"As more and more functions get embedded in the digital technology of automobiles, the threat of attack and malicious manipulation increases," said Stuart McClure, SVP and general manager of McAfee. "Many examples of research-based hacks show the potential threats and depth of compromise that expose the consumer. It's one thing to have your email or laptop compromised but having your car hacked could translate to dire risks to your personal safety." µ
Plus, it's goodbye to Device Assist
Vulnerabilities in the iOS sandbox thankfully found by the good guys
Data watchdog will make sure firm is being fully transparent about the controversial move
Chinese firm reportedly forces staff to do 82 hours of overtime a month