Vehicle Cyber Crime Attacks Double

Uploaded on 2020-06-11 in FREE TO VIEW, BUSINESS-Services-Transport & Travel, TECHNOLOGY--Hackers

The threat of attacks of attacks on vehicle is growing and the concept of car cybercrime will become much more common with the increasing number of cars on the road which are vulnerable to hackers and scammers, according to research carried out by online comparison firm Uswitch.

As more connected devices come into your home the levels of risk involved increases. The awareness that scammers and hackers are actively targeting the growing network of IoT devices is becoming common knowledge and taking steps to keep  personal data safe has become part of everyday life. However, there’s one device you may not consider when keeping tabs on your data security, your car.

When talking about ‘connected cars’, this is essentially shorthand for vehicles that send data about the driver and internal systems back to the manufacturer over the Internet. The term also applies to actions the owner can perform with the car. These might include remote locking, linking up your smartphone to play your favourite tunes or even using an in-car app to pay at a toll booth.

Cyber-attacks on connected cars have increased by 99% in the last year, according to Uswitch. Potential threats include cyber-attacks against cars’ perception sensors, which could trick vehicles into ‘seeing’ something that is not there, or not seeing something that is. 

Connected cars can collect up to 25GB of data from various sources every hour and hackers can try to manipulate vehicles through data connections and ‘shared information protocols’, such as vehicle-to-vehicle or traffic monitoring, using a vehicle’s in-built Apps that can track things like location, entertainment preferences and even financial information.

The online and telephone comparison and switching service USwitch has identified several ways that vehicles can be compromised, ranging from weaknesses in apps and theft of personal data, to keyless car theft and  taking control of a vehicle remotely. Many people also sync their phone with their car to use Apps and entertainment systems, as well as share contacts for hands-free calls via the in-built speakers.

Each of these connections are an increased opportunity for hackers to find a vulnerability and steal data via remote access.

Apps that communicate directly with cars are becoming more popular and this makes them a tempting target for criminals.
If these applications have any vulnerabilities, they can allow for unauthorised access to the owner’s personal data and even features of the car itself. 

Nissan had to shut down one of its Apps after testing by security researchers revealed a vulnerability that could allow hackers to remotely control the car’s heated seating, fans, air conditioning and heated steering wheel. Keyless theft or key hacking is another way thieves attack the systems used to control a car.When the key is near the car, it passively sends out the signal that tells it to unlock. Car thieves have figured out a way to scan for that signal and then hack it, to give them access to the car.

In certain scenarios, hackers are also able to take control of safety-critical aspects of a vehicle’s operation. This means that some vehicles may contain vulnerabilities that allow hackers to access functions like steering control, braking and even turning off the engine. 

Connected cars send data about the driver and vehicle systems back to the manufacturer over the internet. They also allow owners to carry out actions such as remote locking, smartphone linking to play music or using an app to pay at a toll booth.

While all these actions happen at the click of a button or touch of a screen, a lot of complex programming required to make it seem so simple. A modern car uses about 150million lines of computer code, while a Boeing 787 jet uses just 6.5million. All this coding makes cars potentially very vulnerable.

AutomotiveManagement:       USwitch:       Daily Record:    Inst. of Mechanical Engineers

You Might Also Read:

Cyber Criminals Target UK Motorists:

 

« Coronavirus Tracing Apps Conflict With Privacy
Five Ways Automation Can Help Fix The Cybersecurity Skills Shortage »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

See how to use next-generation firewalls (NGFWs) and how they boost your security posture.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

BruCON

BruCON

Brucon is Belgiums premium security and hacking conference.

National Cyber Security Centre Finland (NCSC-FI)

National Cyber Security Centre Finland (NCSC-FI)

The NCSC-FI develops and monitors the operational reliability and security of communications networks and services in Finland.

IBackup

IBackup

IBackup is a Web Based Online Backup service provider.

CERT-PA

CERT-PA

CERT-PA is the national Computer Emergency Response Team for Italian government institutions.

SentinelOne

SentinelOne

SentinelOne is a pioneer in delivering autonomous security for the endpoint, datacenter and cloud environments to help organizations secure their assets with speed and simplicity.

MonsterCloud

MonsterCloud

MonsterCloud is a leader in managed cyber security services. Our cyber security team constantly monitors and protects businesses from cyber threats.

Careerjet

Careerjet

Careerjet is a leading online job search engine with a large presence worldwide, sourcing millions of job ads from thousands of websites from all over the world in areas including Cybersecurity.

Cyber Command - Estonian Defence Forces

Cyber Command - Estonian Defence Forces

The main mission of the Cyber Command is to carry out operations in cyberspace in order to provide command support for Ministry of Defence’s area of responsibility.

Cryptyk

Cryptyk

CRYPTYK CLOUD is the first complete enterprise-class cloud security solution that includes cloud storage and broad protection against all external and internal threats.

Nucleus Security

Nucleus Security

Nucleus is a leading Vulnerability Management platform for Large Enterprises, MSPs/MSSPs, and Application Security Teams that want more from their vulnerability management tools.

Finnish Security & Intelligence Service (SUPO)

Finnish Security & Intelligence Service (SUPO)

The Finnish Security and Intelligence Service is a government agency tasked with combating serious threats to national security in Finland.

Keysight Technologies

Keysight Technologies

Keysight is dedicated to providing tomorrow’s test technologies today, enabling our customers to connect and secure the world with their innovations.

Cyber Security Canada

Cyber Security Canada

Cyber Security Canada is an accredited Certification Body for government-backed Cyber Security Certification Programs, designed specifically for small and medium-sized Canadian businesses.

Patriot Consulting Technology Group

Patriot Consulting Technology Group

Patriot Consulting's mission is to help our clients manage cybersecurity risk through secure deployments of Microsoft 365.

ZainTech

ZainTech

Zaintech is a regional digital & ICT solutions provider offering comprehensive digital solutions and services to enterprise and government customers in the MENA region.

Yarix

Yarix

Yarix is the leading company in Var Group’s Digital Security division and one of the most recognised, innovative and authoritative Italian companies in the IT security sector.