Hackers can disable your car's safety systems
Hackers could disable a modern car's airbags and other safety systems, putting the driver and the passengers at grave risk, according to a new warning.
Researchers from security firm Trend Micro have revealed a flaw that could allow the controlling network of a connected car to be overloaded, allowing possible hackers to compromise key systems in the vehicle, including safety aspects.
Trend Micro's report claims that hackers could, with relative ease, overload the controller area network (CAN) standard, which the company says is used in "practically every light-duty vehicle currently in circulation today."
The system, which was developed in 1983 and pushed into production in 1989, can be overloaded by sending a huge amount of erroneous messages to push it into a Bus Off state, essentially turning it off.
This would then allow hackers could turn off individual systems like airbags, or the antilock breaking system -- although the report adds that the hacker would need to be one of the passengers in order to make it work.
Scary as it may sound, the hacker would also need a "specially-crafted attack device" in order to make it work. And that device needs to be introduced via local access, meaning the hacker would need to be in the car. Trend Micro says the only way to eliminate the vulnerability is to make large changes to the standard used.
"Car manufacturers can only mitigate the attack we demonstrated by adopting specific network countermeasures, but cannot eliminate it entirely," the post said. "To eliminate the risk entirely, an updated CAN standard should be proposed, adopted, and implemented. This whole process would likely require another generation of vehicles."
Published under license from ITProPortal.com, a Future plc Publication. All rights reserved.