McAfee warns of hacker threat to autos

Sep 07, 2011 by Glenn Chapman
Cars made smarter with Internet technology are zooming into perilous hacker territory, according to a report by US computer security giant McAfee.

Cars made smarter with Internet technology are zooming into perilous hacker territory, according to a report by US computer security giant McAfee.

The first-of-its-kind report, entitled "Caution: Malware Ahead" and released late Tuesday, warned that security is lagging as vehicles are enhanced with embedded chips and sensors for a growing array of purposes.

"As more and more functions get embedded in the of automobiles, the threat of attack and malicious manipulation increases," said McAfee and general manager Stuart McClure.

"It's one thing to have your email or laptop compromised, but having your car hacked could translate to dire risks to your personal safety," he added.

Chips are embedded in almost all parts of cars from airbags, brakes, and power seats to cruise controls, anti-theft gadgets, and , according to McClure.

Researchers have demonstrated that computers controlling functions in automobiles can be hacked if attackers get into vehicles and, in some cases, from afar.

A security consultant with iSEC Partners showed peers at a recent security conference in Las Vegas that it is possible to unlock or start cars by sending commands in the form of text messages from smartphones.

Sensors used by roadside to find cars or by car owners to make sure vehicles are being driven safely, can give cyber stalkers ways to track someone's movements, according to the report.

Hackers could disrupt car navigation systems, steal through Bluetooth connections, or disable vehicles remotely, the findings indicated.

"The is continually adding features and technologies that deliver new conveniences such as Internet access and the ability to further personalize the ," the report said.

"However, in the rush to add features, security has often been an afterthought," it said.

There were no indications that hackers have yet taken advantage of computer vulnerabilities in cars, according to McAfee.

McAfee and smart gadget software specialty firm Wind River, both owned by US chip colossus Intel, collaborated with embedded device security firm ESCRYPT on the study.

"As the trend for ubiquitous connectivity grows, so does the potential for security vulnerabilities," said Wind River senior director for automotive solutions Georg Doll.

"The report highlights very real security concerns, and many in the auto industry are already actively designing solutions to address them," Doll added.

Researchers cited industry projections that the number of Internet connected devices will climb to 50 billion in the year 2020 from a billion last year.

The bulk of those gadgets are expected to be embedded devices such as airport ticket kiosks, cash registers, key card readers, and controls for factory machinery.

"Today, we're seeing bold new experiments, including Google's auto-piloted cars and smart roads with sensors that report on traffic conditions and vehicle speeds," the report said.

"Experiments like these show the ongoing possibilities... But there is a concern that as the industry advances, there has been little done to ensure the security of these systems."

Explore further: T-Mobile deal helps Rhapsody hit 2M paying subs

add to favorites email to friend print save as pdf

Related Stories

Intel completes McAfee acquisition

Feb 28, 2011

US computer chip giant Intel said Monday that it has completed its $7.68 billion acquisition of computer security firm McAfee.

Facebook teams with McAfee to tighten security

Jan 13, 2010

Facebook has announced an alliance with Internet security specialty firm McAfee to get user of the world's leading online social network to better protect their computers.

Recommended for you

Printing the metals of the future

22 minutes ago

3-D printers can create all kinds of things, from eyeglasses to implantable medical devices, straight from a computer model and without the need for molds. But for making spacecraft, engineers sometimes need ...

Turning bio-waste into hydrogen

1 hour ago

Whilst hydrogen cars look set to be the next big thing in an increasingly carbon footprint-aware society, sustainable methods to produce hydrogen are still in their early stages. The HYTIME project is working on a novel production ...

Pfizer's 2Q profit sinks 79 pct but tops forecasts

1 hour ago

(AP)—Pfizer's second-quarter earnings plunged 79 percent from last year, when the world's second-largest drugmaker booked a business spinoff gain of more than $10 billion. The latest results still edged ...

Aetna 2Q profit rises 2.4 percent

1 hour ago

Aetna's second-quarter profit climbed more than 2 percent, as gains from an acquisition helped the health insurer beat analyst expectations and raise its 2014 earnings forecast again.

User comments : 5

Adjust slider to filter visible comments by rank

Display comments: newest first

Bonkers
3.7 / 5 (3) Sep 07, 2011
"first of its kind" is a complete fallacy - "first time McAfee spotted it" would be more accurate - and only because Intel told them, and the auto industry told Intel in turn.
This is a reasonably well researched field, maybe start here?
www.autosec.org/p...2010.pdf
Temple
5 / 5 (1) Sep 07, 2011
McAfee has a long, long history of acting the Chicken Little. Indeed they have a financial stake in it.

Their expertise lies less in knowledge of computer security and more in the manipulation and capitalization of the public's fear of computer security.
gwrede
5 / 5 (2) Sep 07, 2011
Don't ever leave your driveway without MacAfee AutoShield, the first, the premier, and the best security, for your family!!
Temple
not rated yet Sep 08, 2011
Don't ever leave your driveway without MacAfee AutoShield, the first, the premier, and the best security, for your family!!


Of course, popping into your car for a quick trip to get milk would require an extra 10 minutes of wading through pop-up warnings, scans, and updates.
jackofshadows
not rated yet Sep 08, 2011
"'However, in the rush to add features, security has often been an afterthought,' it said."

I think this falls in the area of "Yes. Dun!" I have a system X that has (oft logic-based) inputs, ditto for outputs, with programmable logic in between. What part of said system X being crackable/hackable don't you comprehend?!