Car Hacking Made Easier By New Technology, Report Says

09/08/2011 07:18 pm ET | Updated Nov 06, 2011

The next time your car breaks down, your mechanic may need a computer science degree to fix it.

As carmakers have introduced new digital technology for vehicles, they have also introduced new security vulnerabilities that hackers could potentially exploit to cause safety problems, according to a new report by the security firm McAfee.

In recent years, the auto industry has allowed consumers to remotely start their cars by cell phone or shut them down if they are stolen. Some vehicles feature Wi-Fi hot spots to provide passengers with Internet access from the road. Many offer Bluetooth, GPS navigation and online help systems. Google has even been researching cars that drive themselves.

But some new features, which are embedded in the car's airbags, radio, seats and brakes, are not secure from hackers, according to the McAfee report, titled "Caution: Malware Ahead."

"There is concern that as the industry advances, there has been little done to ensure the security of these systems," the report said.

The concern over cyber-security in cars is just the latest risk posed to consumers whose daily lives are increasingly becoming connected to the Internet.

While there is little real-world evidence that hackers have stolen vehicles or compromised car safety, there are examples of security researchers finding ways to do just that.

Last month at the Black Hat security conference, Don Bailey and Matthew Solnik from the security firm iSec Partner demonstrated how to remotely unlock a car, start its engine and track its GPS coordinates by sending a text message that hacks into a vehicle's security system. Researchers at University of California, San Diego, and the University of Washington have discovered how to remotely take over a vehicle's engine.

In addition, researchers at University of South Carolina and Rutgers University found they could track the movement of vehicles through Radio frequency identification tags located within the car's tires. The security flaw presented little danger to drivers, but is part of a growing number of privacy concerns related to hackers and car technology. Earlier this year, a GPS provider recorded driver behavior and sold it to Dutch police to use to target speeders.

Before buying a new car, consumers should consider whether any features are connected to the Internet and how they are secured, whether there is any way to determine it those features have been compromised and whether the vehicle stores data from connected smartphones, according to the report.

"We are now in the age of computer chips and systems that provide greater efficiencies in today's vehicles," the report said. "But 10 years from now, will these same systems continue to hold consumer confidence, or will they quickly become another avenue for malware and breach of privacy data?"

YOU MAY LIKE