What is automotive (car) hacking?

2022 05 03 · 3 min read

Having your car hacked is still quite a new concept these days. Many people only sometimes consider this as a possibility because of the lack of information about this subject. Why would someone need to hack into my car? Well, according to Upstream, cyber attacks on cars increased by 225% in the last three years, from 2018 to 2021.  

The main concern is undoubtedly safety, making this topic even more essential. In reality, a person can also access your private information linked to your car and even control it.  

Hence, in this blog, we discuss what is automotive (car) hacking, what methods can be used to perform such attacks and how to protect from them. 

Automotive hacking: the concept 

Automotive hacking is the act of gaining access to a vehicle by means of finding loopholes in software, hardware, or communication systems like Bluetooth or Wi-Fi. In some cases, cars have more lines of code than aircraft. This means that potentially more weaknesses could be found and exploited.  

Modern cars have many features which make driving easier and more pleasurable but not necessarily safer. The more sophisticated the system is, the more your car is connected, and the more functions can be taken control of. 

What are automotive hacking methods? 

Even though you may have a modern or exotic car commonly equipped with a keyless entry or a smart key system, you must be aware of how hackers can access your car. Below we present some of the most well-known automotive (car) hacking methods:

Hacking key fobs 

Modern cars require the use of key fobs to open them. Even though we use this technology almost every week or day, it can be used against us. You may have heard someone advise you not to keep your car key near a window, right? An intruder may use a method known as a relay attack to pick up the key fob signal, forward it further, mimic the key signal and access your car. It is relatively inexpensive to create a device capable of such an attack. The hacker may use a car hacking device and be able to unlock your automobile and, in some cases, even drive away with a car that does not require key ignition.  

How can you protect yourself from such occurrences? There is more than one method you can apply to protect your automobile. For example, you can mechanically block key fob signals by using a faraday-style wallet or a metal container for your key. Also, make sure your keys are out of sight of other people. If none of these methods appeals to you, another solution would be implementing a tracking device. It will not protect your car, but it will help you locate it in case of theft.  

Hacking into a car via applications 

Imagine you use a mobile application to perform specific functions with your car, and your mobile phone gets infected with malware. Unfortunately, this may also lead to your car being compromised, meaning that sensitive data such as passwords may be retrieved if stored unsafely.  

The solution would be to avoid installing suspicious applications. Instead, use Play Store or App Store, or better yet, avoid using applications with your car.   

Hacking via a USB port  

Using social engineering, you might be tricked into inserting a malicious USB device into your car. In that case, it can become infected with malware. Furthermore, using the USB port of a rental car is not advised because some of your private information may be transferred to the vehicle. If not deleted, it may be stored and accessible by the next person to use the automobile.  

It is advised to only charge your phone when using rental cars or remember to check that everything is stored when finishing the ride. If a hacker finds a loophole and accesses the machine’s telematics system, the person may be able to manipulate various data such as vehicle activity, system reports and track your location, and even have the possibility of controlling it.   

Hacking through Wi-Fi, Bluetooth and hotspots 

Wi-Fi, Bluetooth and hotspot are just a few among many known methods to hack into your car. It is possible to scan the network and remotely take control of the vehicle.  

Avoid using weak passwords for your Wi-Fi and disconnect the Bluetooth function when you do not need it.  

Top 10 most known automotive hacking incidents  

Unlike with other hacking types, it is more difficult to find major “car hacking” incidents because individual vehicles are usually hacked. Therefore, it would take a lot of work to find information about every separate incident and provide an extensive report.  

Instead, we can refer to statistics about the most hacked cars in 2020, as noted by Consumer Watchdog:

Most likely, some of you wonder why Tesla is not on the list or believe it should not be. It has been proven more than once that a Tesla self-driving car can be hacked, and almost every few years, a new loophole can be found. However, a Tesla car is considered more secure in some ways because patches can be made fast.  

All the drivers would need to agree to update the system once they receive an invitation to upgrade. Tesla is putting constant effort into improving the security of its products. The company offers large sums of money to anyone who can find flaws in their system.  

Even though most car hacking cases are separate hacks into cars, there have been instances that have caused major financial losses to companies. For example, a driver lost control when driving his Jeep Cherokee when a few hackers remotely controlled the automobile. After the incident, the car’s Chrysler’s manufacturer recalled 1.4 million cars. Moreover, other manufacturers have recalled large numbers of cars. This is one of many incidents of this type. For example, Toyota halted its car production for about a day on suspicion of a cyber attack.  

What should we expect from the future? 

All in all, car hacking is still a relatively new subject. In the future, many more ways to hack into vehicles may be discovered as they become more modern and new gadgets and features are introduced. An automobile is an expensive object, and sometimes our safety depends on its safety, making this subject much more sensitive.   

As Elon Musk mentioned before, experiencing a fleet-wide attack is the most significant cause of fear. As technology develops, new safety measures are introduced. While car hacking is a real cause for concern, there are many ways to prevent this from happening. Also, while some people get their automobiles stolen twice using a key fob hack, this may never become an issue for others.   

Ransomware attacks explicitly targeted at cars are another concept that may prove very costly and popular in the future. An intruder may obtain control of the vehicle and demand payment for access to the car. 

When thinking about car hacking in general, a universal solution would be driving an Audi 80 because it does not contain the technologies that most modern cars have today. But, jokes aside, you can always find time to introduce preventative methods to stay more secure.