Imagine driving down the freeway at 70-miles per hour, and suddenly your vehicle starts to accelerate all by itself. Or if the steering wheel starts to turn by itself, the radio volume maxes out, and the transmission changes gears by itself, it sounds like it could only happen if you have a ghost in your car, or so we thought until about eight months ago when two hackers took over a 2014 Jeep Grand Cherokee.
The Jeep event got the attention of automakers worldwide and Jeep immediately issued a recall to beef up security on their models. So is this something else you should be worried about? The FBI and politicians think you should.
The FBI just issued a warning on this subject. Their concern is all the things on newer cars that are Internet or cellular based. Things like your keyless entry system, vehicle infotainment systems, navigation systems, wireless diagnostics, even some tire pressure-monitoring systems. Auto systems that are tied to your cell phone, like what I have on my Corvette through OnStar, expose consumers to identity theft from all the information you keep on your cell phone.
While some automakers are sharing information about hackings they know of, there is no current legislation to set a standard for vehicles. It is in the works, however, and could come under the direction of the National Highway Traffic Safety Administration later this year.
So what can we do in the meantime to protect our cars and information? First and foremost, watch for recalls that strengthen your car’s cyber security. Check your VIN at safercar.gov on a regular basis, and watch your manufacturer’s website for information. Sign up for information on the automaker’s website if it discovers a hacking incident. Ironically, some of these updates can be done remotely.
If you get something in the mail that has to be plugged into your car, be sure it is actually from the manufacturer of your vehicle. Also, take vehicle security seriously. Make sure your car is locked every time you get out of it to prevent anyone from placing a device on your car. Know, too, that aftermarket devices in your car, like a portable navigation system, can exposure your vehicle to cyber attacks.
Watch leaving any kind of passwords in your car. Many of these systems, like OnStar, can kill your ignition in the event your vehicle is stolen, so like any password, protect it and make it hard to guess.
As this threat becomes more real, and we learn more about where the vulnerabilities are, all the automakers will be sharing information with their owners about how to decrease the threat of someone taking over and controlling your car. Besides the Chrysler recall of Jeeps, General Motors and BMW have already issued security updates on some of their vehicles after it was discovered that hackers could open the doors of owners’ cars, and with the GM models, they could be started.
There is still much to learn on this subject. My best advice is to be aware of any news from your manufacturer, and if updates are available, get them installed after making sure they are legitimate.