Today convicted Modern cars are using a lot of technology and it always connected with internet that makes it extremely vulnerable and easy to compromise using Malware attacks and other security flaws that presented in the IoT Devices that connected with Modern cars.
Connected cars are rapidly increasing and multiple IoT devices are connected to the car that needs to communicate remotely in order to operate the users from Wifi and other drive assistance.
Major Modern Cars Security Risk
Vehicle-to-Vehicle Communications is established using Wireless network that allows making two vehicle’s successful communication on road and it allows to reduce the car speed if another vehicle comes closer.
In this case, Attacker could be abusing the flaw in the wireless communication technology and reduce the car speed and invaded by destructive malware and the V2V system becomes a vector, a malicious actor could create malware to infect many connected cars.
Controller Area Network Backdoor
Many cars are using controller area network (CAN) that using to communicates with a vehicle’s electronic control unit (ECU), which operates many subsystems such as antilock brakes, airbags, transmission, audio system, doors, and many other parts—including the engine.
Modern cars are using Diagnostic Version 2 port that used to diagnose problems with Mechanics and this could be abused by CAN traffic and intercepted from the OBD port.
So external OBD device could be plugged into a car as a backdoor for external commands, controlling services such as the Wi-Fi connection and unlock the door.
Malware and Exploits
Modern cars technology allows to connect the car with our smartphones to our cars, we add functions such as phone calls, SMS, and music and audiobooks.
Recent powerful Malware and exploits could compromise the device and firmware that will lead to compromise the car devices.
Car Theft and Key Fob Hacking
Key fob hacking is a procedure to enable an attacker to enter the car without softening up. This system is generally used by hackers and should be possible effectively with modest equipment.
In this case, attacker blocks the signal from the wireless key and lock the car and also reply the signal to compromise the car.
According to McAfee Research, One variant of the attack uses a jammer to block the signal. The jammer interferes with the electromagnetic waves used to communicate with the vehicle, blocking the signal and preventing the car from locking, leaving access free to the attacker.
Personal Data and Tracking
Connected Cars are kept recording the more sensitive personal data about the drivers from the external devices such as hone, and can include contact details, SMS and calls history and even musical tastes that connected to the cars.
These data are used by the companies, cybercriminals, and Governments to use it for various purposes such as spying and tracking the people, marketing or insurance contracts.
Fake Car Data
Advanced data can be adjusted and faked. By adjusting information, for example, contamination tests or execution, organizations results to increase sales Additionally, drivers could change auto insights, for example, separate set out to trick insurance agencies or future purchasers.