Hackers can take control of your car – How to protect yourself
The right software can turn your smartphone into a spy device that watches everything you do. Scary, I know. Here’s how to check if your phone is infected. While at it, check your computer. These are the signs that stalkerware is hard at work tracking your web activity, searches and even the passwords you type in.
Shockingly, your car isn’t immune. With the proper electronics and software techniques, a determined hacker can intercept or block your key fob signal, infiltrate your car’s software and even remotely control your vehicle.
So, is your connected car hackable? Most likely, yes. Here’s how.
Software hacks
Compromised car apps
Does your car have a smartphone app that allows you to unlock and start it remotely? Almost every car manufacturer offers this convenience in some makes and models.
Account usernames and passwords protect these apps. If hackers can break into your account or exploit a bug in the car’s software, they can compromise your entire vehicle.
My advice: To protect your remote start app, change the default password, use strong and unique credentials and never reuse passwords from other services. Enable two-factor authentication if you can, and keep that software current.
Telematics exploits
Telematics is the term describing a connected system remotely monitoring your vehicle’s behavior. This data may include your car’s location, speed, mileage, tire pressure, fuel use, braking, engine/battery status and driver behavior.
By now, you know anything connected to the internet is vulnerable to exploitation. Hackers that intercept your connection can track and even control your vehicle remotely. Now that’s scary.
My advice: Before you get a car with built-in telematics, consult with your car dealer about cybersecurity measures they’re utilizing on connected vehicles. If you have a connected car, ensure its onboard software is always up-to-date.
Networking attacks
Here’s a throwback. Cybercriminals can also employ old-school denial-of-service attacks to overwhelm your vehicle and potentially shut down critical functions like airbags, anti-lock brakes and door locks.
This attack is feasible since some connected cars have built-in Wi-Fi hotspot capabilities. As with regular home Wi-Fi networks, they can even steal your data if they infiltrate your car’s local network.
Also, it’s a matter of physical safety. Remember, multiple computers and Engine Control Modules run modern cars. If hackers can shut these systems down, they can put you in grave danger.
My advice: Regularly changing your car’s onboard Wi-Fi network password is a must. Turning off your car’s Bluetooth and Wi-Fi is also a good idea when not in use.
Your home’s Wi-Fi needs to stay locked down, too. Use these steps to find and remove anything that shouldn’t be on your network.
On-board diagnostics (OBD) hacks
Every newer car has an on-board diagnostics port. This interface allows mechanics to access your car’s data, read error codes and statistics and even program new keys.
Anyone can buy exploit kits that can utilize this port to replicate keys and program new ones to use them for stealing vehicles.
My advice: Always go to a reputable mechanic. A physical steering wheel lock can also give you extra peace of mind.
In-car malware
Another old-school internet hack reaches connected cars, specifically models with internet connectivity and built-in web browsers.
Crooks can send you emails and messages with malicious links and attachments that can install malware on your car’s system. Anything is possible once the malware is installed.
Car systems don’t have built-in malware protections, so this can be hard to spot.
My advice: Practice good computer safety procedures even when connected to your car. Never open emails and messages nor follow links from unknown sources.
Key fob attacks
With the proliferation of cheap electronics and relay gadgets that can be purchased easily online, key fob attacks are more common than ever.
The relay hack
Always-on key fobs present a serious weakness in your car’s security. If your keys are in range, anyone can open the car and the system will think it’s you. That’s why newer car models won’t unlock until the key fob is within one foot.
However, criminals can get relatively cheap relay boxes that capture key fob signals up to 300 feet away and transmit them to your car.
One thief stands near your car with a relay box while an accomplice scans your house with another. When your key fob signal is picked up, it is transmitted to the box closer to your car, prompting it to open.
Keep reading for steps on how to protect your keyfob.
Keyless jamming
In this scenario, crooks will block your signal. Say you issue a lock command from your key fob. It won’t reach your car, and your doors will remain unlocked. The crooks can then have free access to your vehicle.
My advice: Always manually check your car doors before stepping away. You can also install a steering wheel lock to deter thieves from stealing your car, even if they get inside.
How to stop key fob attacks
There are a few easy ways to block key fob attacks. You can buy a signal-blocking pouch that can hold your keys, like a shielded RFID-blocking pouch.
Stick it in the fridge …
Here’s a free solution: Stick your key fob into the refrigerator or freezer. The multiple layers of metal will block the signal. Just check with your manufacturer to ensure freezing your key fob won’t damage it.
… or even inside the microwave
The microwave will also block signals. Just don’t turn it on.
Wrap your key fob in foil
Since your key fob’s signal is blocked by metal, you can also wrap it up in aluminum foil. While it’s the easiest solution, it can leak the signal if you don’t do it right. You could also make a foil-lined box to put your keys in if you’re in a crafting mood.
We may receive a commission when you buy through our links, but our reporting and recommendations are always independent and objective.
Tags: Apple, battery, hackers, infected, smartphones, software, stalkerware