Leave a comment

Hackers can hijack cars using malware hidden in songs

Hackers can hijack cars using malware hidden in songs
Image courtesy of Shutterstock.com

The operating systems of modern cars are becoming increasingly sophisticated. They notify you of potential mechanical problems, sync to your smartphone and some even turn your car into a Wi-Fi hot spot. But, with all of these upgrades, is your car more secure?

The answer is, probably not. It's the same issue we see in the "Internet of Things" industry, or market for smart home products. As products get smarter, they also become more susceptible to being hacked. In fact, just the other day, we told you about Shodan, a creepy search engine that seeks out unsecured Web cams, baby monitors and security systems.

When it comes to the modern operating systems of cars, new concerns have been popping up. One of which is the recent discovery made by researchers showing that some cars can be taken over completely just by playing one song on a CD.

It wasn't just any song, though. This song was laced with malicious code that was loaded on the CD itself. So, as soon as the song was played, the malware was released. "Give me 18 seconds of playtime," said researcher Stefan Savage, "and we can insert the attack code."

Of course, hackers probably won't be distributing CDs to attack your car's system. It's not really their style. But, it was an eye-opening discovery to see just how vulnerable these operating systems are. This could be caused by the fact that most car systems are comprised of various third-party software with poorly written code.

Another problem is that most cars have two separate systems - one for mechanical components like brakes and engines, and one for smaller components like climate control. To work properly, both systems have to talk with one another, and that leaves plenty of room for something to go wrong.

What's the solution? That's difficult to say. Installing security features like firewalls and detection systems isn't a simple task. At least, not in cars. The architecture of these systems is just too complex for a quick fix. And cost is a huge factor within the auto industry, which is always looking for ways to cut manufacturing costs and improve margins.

As of right now, there's nothing to do but wait. The problem has been identified, but it will be up to the auto industry to fix it.

In the meantime, Savage and his team are doing what they can to keep full details of their report out of the wrong hands. Much of the team's findings have not been released to the public. And that's for our own good. The team is working privately with manufacturers and regulators in an effort to find a solution. But keeping quiet has been a challenge.

"As an academic, it felt weird not publishing my research," Savage said. "But, it's a trade-off. Had we published, then there would be a pool of cars out there that were easily hackable with a little knowledge."

Next Story
Source: The Register
View Comments ()
Chrome will warn you against all 'http' sites
Previous Happening Now

Chrome will warn you against all 'http' sites

Here's why your iPhone battery dies when it's cold out
Next Happening Now

Here's why your iPhone battery dies when it's cold out