Sign in with
Sign up | Sign in

McAfee: Hackers Going After Cars Next

By - Source: McAfee PR | B 34 comments

As automobile become more convenient and more connected to the world. the more likely they'll be susceptible to hacking.

Wednesday McAfee released a report called "Caution: Malware Ahead" (pdf) which talks about electrical systems that have become commonplace in today’s cars, and the emerging security risks surrounding those systems.

"The report highlights very real security concerns, and many in the auto industry are already actively designing solutions to address them," McAfee said. "Given the development time for automobiles, the industry is finding it essential to start work now by teaming up with those possessing the right mix of software expertise."

Airbags, radios, power seats, anti-lock braking systems, electronic stability controls, autonomous cruise controls, communication systems and in-vehicle communication systems -- all of these consist of embedded devices that could be susceptible to hacking in left unchecked. To make matters worse, the automobile industry is continually adding features and technologies to further personalize the driving experience, to keep the driver and the passengers connected to the world.

"Consumers want to stay connected, even in their cars, which is motivating automobile manufacturers to increase integration between cars and consumer devices such as smartphones and tablets," McAfee said. "However, in the rush to add features, security has often been an afterthought. The report highlights examples of how automotive systems have been compromised."

Some of the security risks the report covers includes remotely unlocking and starting car via cell phone, disabling a car remotely, tracking a driver’s location, activities and routines, stealing personal data from a Bluetooth system, disrupting navigation systems, disabling emergency assistance and more cybercriminal activity.

"Researchers at several universities have demonstrated that critical safety components of an automobile can be hacked if physical access to the vehicle’s electronic components is available," McAfee said. "Other researchers have showed that an attack can be mounted to track a vehicle and compromise passengers’ privacy by tracking the RFID tags using powerful long-distance readers at around 40 meters."

To read the full report, check out McAfee's document here.

Discuss
Ask a Category Expert

Create a new thread in the Streaming Video & TVs forum about this subject

Example: Notebook, Android, SSD hard drive

This thread is closed for comments
Top Comments
  • 10 Hide
    eddieroolz , September 8, 2011 6:10 AM
    Frankly there are some places in the world that should not be connected to the internet. A car is one. Another would be the government classified computer system.
Other Comments
  • 10 Hide
    eddieroolz , September 8, 2011 6:10 AM
    Frankly there are some places in the world that should not be connected to the internet. A car is one. Another would be the government classified computer system.
  • -4 Hide
    toastninja17 , September 8, 2011 6:12 AM
    Really doesn't surprise me at all...well, actually it kind of did, but only before I realized how much of a 'duh' moment this is for the auto industry.
  • Display all 34 comments.
  • 3 Hide
    klavis , September 8, 2011 7:29 AM
    Researchers at several universities have demonstrated that critical safety components of an automobile can be hacked if physical access to the vehicle’s electronic components is available.


    That made me laugh. It's like saying, "Hey, we did some research over here and you know what, we found out that if someone has access to your door lock, shit, they can unlock it!" It's so obvious, if you have access to the controlling mechanism of something you will in fact have control of it.

    Now enough with that, I'm surprised this hasn't been raise before, it's not a new issue. When cars started to do wireless entry and start in the 90s I thought it was a bad idea. One person could break into a car without to much difficulty if they had the right device. For example, watch Ghost Dog, you'll see what I'm talking about. People should just be lucky criminals haven't taken the time to go high tech, eventually they will. They should have known that well over a decade ago.
  • 8 Hide
    jj463rd , September 8, 2011 7:54 AM
    My 1970's Volkswagen Beetle has a hard time getting online on the Internet.
  • 3 Hide
    lucky015 , September 8, 2011 8:42 AM
    I think I've had enough of mediocre companies that should have gone out of business 10 years ago making wild guesses to en-site panic
  • 0 Hide
    jsc , September 8, 2011 9:02 AM
    "Researchers at several universities have demonstrated that critical safety components of an automobile can be hacked if physical access to the vehicle’s electronic components is available," McAfee said. "Other researchers have showed that an attack can be mounted to track a vehicle and compromise passengers’ privacy by tracking the RFID tags using powerful long-distance readers at around 40 meters."
    Well, duh!
  • -1 Hide
    back_by_demand , September 8, 2011 10:09 AM
    Tracking by RFID tabs from 40m?

    How about tracking by number plate recognition cameras from a lot, lot further away.
  • 4 Hide
    Anonymous , September 8, 2011 11:06 AM
    What, like McAfee are going to come up with some solution that will protect our cars like they do our Computers. It would be like giving the keys away to the criminal, no need for them to even try hacking in if McAfee is on it!

    Dont beleive me, here look at this

    http://www.virusbtn.com/vb100/RAP/RAP-quadrant-Feb-Aug11-850.jpg

    Sure use McAfee if you only want 4/5ths protection, and this quadrant is one of their best!

    The worst thing about McAfee is it wont die now because Intel owns them, what a bloody shame!
  • 0 Hide
    alyoshka , September 8, 2011 11:20 AM
    FEAR rules the world, I think some brainy chap at McAfee has figured it out ......
    Now you need to get a Certified AntiVirus for your car with the Insurance or it's going to be a crime.....
  • 0 Hide
    __Miguel_ , September 8, 2011 11:30 AM
    back_by_demandTracking by RFID tabs from 40m?How about tracking by number plate recognition cameras from a lot, lot further away.

    Yep, plus no matter how directional your RFID scanner is, the camera can actually pinpoint your location, while the RFID can only get you a general area. Not to mention with a camera you can, well, record faces and such...

    Also, tracking by RFID-like tags has been in use for about two decades in Portugal, for toll payments. You pass under an archway, your tag gets read (you have to buy one, btw), then at the end of the month the company automatically gets the money from your bank account. Simple, and can save A LOT of time, especially in high-traffic tolls. In recent years, this system has even been extended to a few underground parking spaces and gas stations. Can't see a problem with it, you can't know where *I* am, you can only know where *my car* is, and I'm not the only one driving it...

    In more relevant matters, I do think this might become a problem in the future. However, it can be more or less controllable: you just need to completely separate some parts of the car electronics from the rest.

    Let's face it: apart from very limited interventions at a garage, there is, nor should there be, any reasons for having security features (and the central CPU) of a car communicating with anything else, thus shouldn't even be allowed access to an external network (preferably, only the power source should be shared, if really needed).

    At the same time, entertainment appliances and GPS have NO need to be sharing information with, well, anything under the bonnet, really. They might need to interface with an external network and with users, but that's it. And, if something gets corrupted/catches a virus/whatever, it won't compromise the fundamental security features.

    It seems to me it's mostly a design problem, really. Sure, you might need to firewall your car (which anyone with a carputer accessing external networks already does, or should do, anyway), or even run AV software, but provided you keep security features and entertainment/location features unable to share data between them, you should be fine.

    Cheers.

    Miguel
  • 1 Hide
    chaos133 , September 8, 2011 11:30 AM
    Glad I don't have to worry about getting a BSoD like error in my 1999 car.
  • 1 Hide
    eleclerc , September 8, 2011 12:31 PM
    the car, the ipad, iphone, cellphone, router, and next, what's should protect against? microwave, oven, fridge, tv!!!
  • 2 Hide
    cmartin011 , September 8, 2011 12:46 PM
    eagle eye like project or aliens linking up to ur car for self destruction lol!
  • 1 Hide
    zoemayne , September 8, 2011 12:48 PM
    even more reason to have a aftermarket alarm system. I always recommend a Clifford alarm even if you get car jacked you should be able to get your car back the same day without the need for a tracking device. so if your spending 7K-40K its your fault for not getting a $500 alarm.

    I dont understand how a $50K car is the number one stolen car(Escalade).
  • 1 Hide
    jojesa , September 8, 2011 12:51 PM
    Hey McAfee, instead of trying to be on the news every other day...how about using the resources on your antivirus programs. Even free AVs like AVG perform better than your bloatware.
  • 0 Hide
    zoemayne , September 8, 2011 12:53 PM
    lol so now we need virus protection for our cars. mcafee and norton is a joke. when will consumers stop paying for such. I know all the free virus s/w is hurting them they need to cease to exist.
  • 1 Hide
    figgus , September 8, 2011 1:13 PM
    Wanna know one thing NOBODY is going after? McAfee.

    /thread
  • 0 Hide
    ubergeek , September 8, 2011 1:19 PM
    I must be ahead of Mac-A-Fee's time because I was hacking Car ECMs back in the '80s. In 2000 I put a '95 Camaro ECM into my '86 vette and hacked the crap out of the timing and fuel settings to make it go faster. People have been hacking Cars even before my time, they were just called gear-heads, grease monkeys, etc... Go away McFreeMoney
  • 1 Hide
    ubergeek , September 8, 2011 1:21 PM
    FYI cars already have firewalls. It's that big metal shield between the engine and passenger compartments.
  • 1 Hide
    RipperjackAU , September 8, 2011 1:41 PM
    Oh great. So now when the hackers of the future crash you computer, your operating system is not the only thing that will stop dead.

    Things to look forward in the future...

    - Malware that takes over control of your cars auto navigation system, driving you to the nearest brothel.
    - Fake "Anti-Virus Automobile Software" that drives your car onto the edge of a cliff, and threatens to dive you over the edge unless you send your credit card number to the specified email address.
    - Software that promises to optimize your cars gas mileage, but in reality just takes up engine rev cycles and does nothing.

    Yay for the future!!!!... I think I'll walk.
Display more comments
Tom’s guide in the world
  • Germany
  • France
  • Italy
  • Ireland
  • UK
Follow Tom’s guide
Subscribe to our newsletter