The Mechanic Doctor

Resources for Amateur and Pro Auto Mechanics

The Mechanic Doctor
Thief hacking a car
Blog 

How Auto Tech Advances And Hacking Risks Go Hand-In-Hand

The Mechanic Doctor , ,

Our cars have been “digital” for years. From innovative GPS systems to many of the features you see on your dashboard, elements of our vehicles have been partially computerized for some time now. Any mechanic worth their stuff knows this.

However, in the past decade, mechanics and their apprentices have witnessed leaps and bounds in auto technology. Vehicles are becoming more sophisticated with fancy tools – self-driving capabilities, Android Auto, Apple Car Play, etc. We live in a world where our cars are getting smarter, and as our vehicles evolve, so do their corresponding threats.

“If it’s a computer and it connects to the outside world, then it is hackable,” said Yoni Heilbronn, vice president of marketing at Argus Cyber Security. Today, we want to talk about how hacking goes hand-in-hand with the vehicle improvements we’re seeing, what’s being done to combat it – as well as how mechanics can play a role in it all.

New Systems = New Games for Hackers to Play

Hacking car systems isn’t new. Back in 2010 and 2011, researchers at the University of Washington and the University of California at San Diego were already publishing papers that illustrated the vulnerabilities of cars that connect to the internet.

Now, even more tech advancements are being added to a higher percentage of cars, and hackers have new games to play in the future of transportation.

There are many ways to access a car remotely – via cellular networks, WiFi access points, or even the manufacturer’s back-end system. With this kind of power, hackers have the potential to take over vehicle systems and harm drivers, as well as steal items from inside vehicles that were previously locked.

There’s a Whole Network of Criminal Information Out There

According to a study titled “Under The Hood: Cybercriminals Exploit Automotive Industry’s Software Features,” conducted by Cybersecurity firm IntSights, criminals are already circulating plenty of data online that intently describe how to hack into car systems.

From learning to implant malware to interfering with features like maps or security, cybercriminals have a plethora of information at their fingertips that will direct them down the path they’re seeking.

Most commonly, hackers are learning to target cars’ Controller Area Network protocol – and when they do that, they can access all of the vehicle’s functions.

Online Shops Sell Car Hacking Tools

The same IntSight reported referenced earlier stated they “discovered easy-to-find online shops that sell car hacking tools on the clear web. These online shops sell services that disconnect automobile immobilizers, as well as services that sell code grabbers and forums that give bad actors a complete tutorial on how to steal vehicles.”

If a cybercriminal can get their hands on a “code grabber,” all they have to do is copy or intercept signals from a vehicle to remotely open and start the car. What’s even more convenient is that automobiles are most susceptible to hacking when the vehicle is parked, as long as the hacker can connect to a WiFi access point or cellular network attached to the vehicle.

What’s Being Done to Solve the Problem?

You might have seen Tesla’s recent challenge: if you can hack their Model 3, you’ll earn $1 million and a free Tesla car.

The company has been participating in plenty of hacking events to find as many flaws in their security systems as possible and for good reason. In 2018, a group of hackers named Fluoroacetate were able to demonstrate how they were able to manipulate a Model S to drive in the wrong lane through an adversarial attack.

Tesla’s not the only one working on anti-hacking protocols for automobiles. GuardKnox, an organization founded based on the need for automotive cybersecurity, is working to create something called a Secure Network Orchestrator (SNO). The SNO would offer comprehensive vehicle cybersecurity protection from online attacks as soon as it’s installed in a vehicle.

The NHTSA has also adopted a strong stance on mitigating cybersecurity safety risks. Back in 2015, they recalled 1.4 million vehicles impacted by the first (and currently only) cybersecurity-related recall. The organization works to identify risks and protection processes for safety-critical vehicle control systems, as well as rapid detection methods for potential incidents on the road.

As a mechanic, it doesn’t matter if you’re working on new $100K Teslas in California or run-of-the-mill used cars for sale in Albuquerque. You’re eventually going to be a part of the solution that helps prevent hacking by overseeing more cybersecurity evolutions and implementing tools in the next few decades.

How to Protect Vehicles

Although there are no proven ways to entirely prevent a cyberattack from impacting you or your vehicle, there are ways you can decrease your chances of exposure to such a threat.

Update car firmware

You know those annoying prompts to update the firmware? Don’t ignore them! The car manufacturer could very likely be developing important software updates as you read this article, and installing them could help you and your customers stay safe on the road.

Disable smart devices when not in use.

Is your customer not using the car’s Bluetooth features? Deactivate it. Are they not a fan of its built-in GPS system? Disable it. The fewer access points hackers have to a vehicle’s system, the lower your risk becomes of cybersecurity issues.

Keep researching security

Stay up to date on the latest cyberthreats. Mechanics of the future will need to be armed with the knowledge of cybersecurity in automotive. Be sure you’re staying up to date on the latest innovation in the field and how new vehicles are using it.

Be THAT trusted mechanic

People need a source of knowledge they can turn to for questions about cybersecurity – without worrying that you’re going to try to sell them something. Now’s your chance to be a part of a movement that prevents hackers from getting away with digital crimes regarding vehicles.

In Conclusion

“Vehicles are nothing more than computer networks on wheels now,” automotive security expert Alissa Knight stated on Car and Driver. With that mindset, it comes as no surprise to learn that as increasing numbers of drivers get behind the wheels of “smart” cars, hackers have the opportunity to manipulate technology and commit crimes.

Fortunately, steps are being taken to mitigate the danger. With the help of developing security software, consumer & manufacturer awareness, and research on cybersecurity activity, mechanics can play a key role in reducing risks of invisible attacks on cars in the coming years.