McAfee warns of hacker threat to autos

Sep 07, 2011 by Glenn Chapman
Cars made smarter with Internet technology are zooming into perilous hacker territory, according to a report by US computer security giant McAfee.

Cars made smarter with Internet technology are zooming into perilous hacker territory, according to a report by US computer security giant McAfee.

The first-of-its-kind report, entitled "Caution: Malware Ahead" and released late Tuesday, warned that security is lagging as vehicles are enhanced with embedded chips and sensors for a growing array of purposes.

"As more and more functions get embedded in the of automobiles, the threat of attack and malicious manipulation increases," said McAfee and general manager Stuart McClure.

"It's one thing to have your email or laptop compromised, but having your car hacked could translate to dire risks to your personal safety," he added.

Chips are embedded in almost all parts of cars from airbags, brakes, and power seats to cruise controls, anti-theft gadgets, and , according to McClure.

Researchers have demonstrated that computers controlling functions in automobiles can be hacked if attackers get into vehicles and, in some cases, from afar.

A security consultant with iSEC Partners showed peers at a recent security conference in Las Vegas that it is possible to unlock or start cars by sending commands in the form of text messages from smartphones.

Sensors used by roadside to find cars or by car owners to make sure vehicles are being driven safely, can give cyber stalkers ways to track someone's movements, according to the report.

Hackers could disrupt car navigation systems, steal through Bluetooth connections, or disable vehicles remotely, the findings indicated.

"The is continually adding features and technologies that deliver new conveniences such as Internet access and the ability to further personalize the ," the report said.

"However, in the rush to add features, security has often been an afterthought," it said.

There were no indications that hackers have yet taken advantage of computer vulnerabilities in cars, according to McAfee.

McAfee and smart gadget software specialty firm Wind River, both owned by US chip colossus Intel, collaborated with embedded device security firm ESCRYPT on the study.

"As the trend for ubiquitous connectivity grows, so does the potential for security vulnerabilities," said Wind River senior director for automotive solutions Georg Doll.

"The report highlights very real security concerns, and many in the auto industry are already actively designing solutions to address them," Doll added.

Researchers cited industry projections that the number of Internet connected devices will climb to 50 billion in the year 2020 from a billion last year.

The bulk of those gadgets are expected to be embedded devices such as airport ticket kiosks, cash registers, key card readers, and controls for factory machinery.

"Today, we're seeing bold new experiments, including Google's auto-piloted cars and smart roads with sensors that report on traffic conditions and vehicle speeds," the report said.

"Experiments like these show the ongoing possibilities... But there is a concern that as the industry advances, there has been little done to ensure the security of these systems."

Explore further: Report: FBI's anthrax investigation was flawed

add to favorites email to friend print save as pdf

Related Stories

Intel completes McAfee acquisition

Feb 28, 2011

US computer chip giant Intel said Monday that it has completed its $7.68 billion acquisition of computer security firm McAfee.

Facebook teams with McAfee to tighten security

Jan 13, 2010

Facebook has announced an alliance with Internet security specialty firm McAfee to get user of the world's leading online social network to better protect their computers.

Recommended for you

Report: FBI's anthrax investigation was flawed

14 hours ago

The FBI used flawed scientific methods to investigate the 2001 anthrax attacks that killed five people and sickened 17 others, federal auditors said Friday in a report sure to fuel skepticism over the FBI's ...

Study reveals mature motorists worse at texting and driving

Dec 18, 2014

A Wayne State University interdisciplinary research team in the Eugene Applebaum College of Pharmacy and Health Sciences has made a surprising discovery: older, more mature motorists—who typically are better drivers in ...

Napster co-founder to invest in allergy research

Dec 17, 2014

(AP)—Napster co-founder Sean Parker missed most of his final year in high school and has ended up in the emergency room countless times because of his deadly allergy to nuts, shellfish and other foods.

LA mayor plans 7,000 police body cameras in 2015

Dec 16, 2014

Mayor Eric Garcetti announced a plan Tuesday to equip 7,000 Los Angeles police officers with on-body cameras by next summer, making LA's police department the nation's largest law enforcement agency to move ...

User comments : 5

Adjust slider to filter visible comments by rank

Display comments: newest first

Bonkers
3.7 / 5 (3) Sep 07, 2011
"first of its kind" is a complete fallacy - "first time McAfee spotted it" would be more accurate - and only because Intel told them, and the auto industry told Intel in turn.
This is a reasonably well researched field, maybe start here?
www.autosec.org/p...2010.pdf
Temple
5 / 5 (1) Sep 07, 2011
McAfee has a long, long history of acting the Chicken Little. Indeed they have a financial stake in it.

Their expertise lies less in knowledge of computer security and more in the manipulation and capitalization of the public's fear of computer security.
gwrede
5 / 5 (2) Sep 07, 2011
Don't ever leave your driveway without MacAfee AutoShield, the first, the premier, and the best security, for your family!!
Temple
not rated yet Sep 08, 2011
Don't ever leave your driveway without MacAfee AutoShield, the first, the premier, and the best security, for your family!!


Of course, popping into your car for a quick trip to get milk would require an extra 10 minutes of wading through pop-up warnings, scans, and updates.
jackofshadows
not rated yet Sep 08, 2011
"'However, in the rush to add features, security has often been an afterthought,' it said."

I think this falls in the area of "Yes. Dun!" I have a system X that has (oft logic-based) inputs, ditto for outputs, with programmable logic in between. What part of said system X being crackable/hackable don't you comprehend?!

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.