Skip to main content
Part of complete coverage on

Could hackers seize control of your car?

A student at the Freie Universitaet Berlin steers a converted Dodge minivan remotely with an iPhone in November 2009.
A student at the Freie Universitaet Berlin steers a converted Dodge minivan remotely with an iPhone in November 2009.
STORY HIGHLIGHTS
  • Car manufacturers' appearance at mobile show heralds new automotive era
  • Increased use of technology in cars has raised concerns over security
  • Experts warn computer hackers could access car systems and data

(CNN) -- When car companies begin exhibiting at mobile phone shows, it's a sign that the "connected" vehicle has truly arrived -- allowing us to take our digital lives with us as we hit the highway.

But while Ford's unveiling of its latest car at Mobile World Congress -- a major cell phone industry event -- this week may have heralded a new automotive age, it also heightens fears that our technology-crammed cars could be hijacked by hackers.

Just like our PCs and smartphones, the computerized components that have infiltrated almost every aspect of modern vehicles could potentially be broken into, experts say. Only, with a car, this could have far more dangerous consequences.

"We typically don't drive our smartphones at 80 miles an hour," said Brian Contos, security strategist at technology protection firm McAfee. "But safety concerns and privacy concerns all culminate when you talk about automobiles."

Ford isn't alone in integrating mobile phone technology into its cars.

Ford goes high-tech with new vehicles
BlackBerry in your car and in your hands
The FC PowerTrekk charger converts water into electricity to power a mobile. The FC PowerTrekk charger converts water into electricity to power a mobile.
Latest gadgets on display in Barcelona
HIDE CAPTION
<<
<
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
>
>>
Mobile World Congress Mobile World Congress

While its networked B-Max compact and its prototype Evos were big hits at the Mobile World Congress in Barcelona, also on display was a BlackBerry-embedded Porsche 911 and a Toyota with an integrated Samsung phone application.

Read more about Ford's tecnhology-filled car

Almost every vehicle manufactured in the past few years is hardwired with computer circuitry in some way, from simple entertainment units to sophisticated safety systems that can control braking and acceleration.

And technology continues to advance. Google is working on a driverless car project that, in allowing complete control of the vehicle to be handled by computers, could reshape the future of motoring.

With onboard systems capable of preventing crashes or summoning help after accidents, vehicles have arguably never been safer.

But in-built links to cell phones, Bluetooth or even low-range radio transmitters serve only to heighten the possibility that this technology can be turned against us.

So far, such attacks have been largely academic. Last year computer scientists at the University of California, San Diego and University of Washington reported they were able to gain remote access to the safety systems of a "moderately priced sedan" using an audio CD infected with a virus.

"Modern automobiles are pervasively computerized, and hence potentially vulnerable to attack," they argued in a report to the U.S. National Academy of Sciences. They warned of "financially-motivated scenarios" under which an attacker might exploit these weaknesses.

There have been a few real-life examples, such as the disgruntled ex-employee of a firm providing web-based vehicle-immobilization systems who reportedly managed to disable 100 cars in Austin Texas in 2010.

"The nightmare scenario is 100 cars on a bridge and 50% of them hit their brakes and 50% hit their accelerators," added Contos. "Just the amount of collision that something like that would cause with a remote attack, that's pretty scary stuff."

Safety concerns and privacy concerns all culminate when you talk about automobiles.
Brian Contos, McAfee securty strategist

Another possibility envisaged by Contos is hackers using radio waves to trigger a tire pressure warning. "And then what happens? The logical person would pull over and check their tires, and what a great way to carjack somebody."

Contos, whose company has compiled a report highlighting vehicle cyber security issues, also suggests that the most likely motive for such an attack would be financial, but could simply be the work of hackers trying to wreak havoc for the sake of it. Terrorism could also be a factor.

"A lot people say there's no such thing as cyber terrorism because it doesn't have the shock and awe value of blowing up a car or something of that nature. Well something like (causing a major collision) would have that."

Then there are the concerns over privacy. In downloading personal information into our cars we may help them navigate to our favorite coffee shops or check our diaries, but we also make them targets for data thieves.

For many in the auto industry, the question is currently one of balance: whether the benefits of technology outweigh the problems with security.

Read more about mobiles and medicine

"I don't think this is a situation that's unique to the car industry," said motoring journalist Carlton Boyce. He suggests that handing more computerized autonomy to our vehicles is inevitable in an increasingly traffic-clogged world. This, he says, is something consumers are happy with, and will benefit from in the long run.

"The risks are probably smaller than putting everyone in charge of two tons of metal and letting them drive at 80 miles an hour," he said.

Vehicle manufacturers themselves are not blind to the problem. Bill Ford, great grandson of Model-T creator Henry Ford and now the auto giant's executive chairman, says he traveled to Barcelona this week partly to address security concerns.

"That's one of the issues we're going to have to work out as we go along and that's why we're here, to talk to the mobile providers because they're already facing many of those security issues," he said. "For now, what we're working with is opt-in; you can opt-in with how much you're comfortable with."

He added: "Your car can know where you are at any moment and that's great for safety reasons, but the downside of that potential is someone knows where you are every second, and that's something we're going to have to work through."

This won't be easy, says Contos. With vehicles taking up to three years to develop, he says manufacturers will struggle to keep abreast of rapidly-evolving threats unless they organize regular software updates.

Instead, he says, any installed technology should be given a so-called "white list" of permissible activities beyond which any procedures are blocked.

Another option, of course, is to return to driving jalopies whose only concession to technology is a crackling AM radio. But, adds Contos, this isn't a route most drivers are prepared to take.

"People aren't going to go back to driving the Model T any more than they're going to go back to rotary telephones because of the risks on smartphones," he said.

ADVERTISEMENT
Part of complete coverage on
February 23, 2014 -- Updated 1705 GMT (0105 HKT)
Mobile World Congress offered up robotic balls, GPS walking sticks and more than its fair share of unexpected uses for digital technology.
February 28, 2013 -- Updated 1134 GMT (1934 HKT)
With many smartphone users groaning about battery performance, scientists are racing to design phones that never need to be charged.
February 27, 2013 -- Updated 1344 GMT (2144 HKT)
Nokia's wireless charging device is a pillow for your phone so that
3D screens, flamenco dancers and endless batteries: all the latest innovations being unveiled at Mobile World Congress in Barcelona.
February 27, 2013 -- Updated 1034 GMT (1834 HKT)
Yahoo's decision to curtail remote working has stirred dismay at a time when many companies are striving to enable telecommuting.
February 26, 2013 -- Updated 1630 GMT (0030 HKT)
The industry has repeatedly promised a "mobile advertising tipping point," but mobile advertising is yet to come of age.
February 26, 2013 -- Updated 2004 GMT (0404 HKT)
The 'phablet' seems to be MWC 2013's must-have item. This is the Asus Fonepad: A seven inch tablet with mobile phone capabilities. Samsung launched a similar product at the show called the Galaxy Note 8.0.
Didn't we tell you that the lines between smartphones and tablets are blurred? Case in point: the Asus Fonepad, a 7-inch tablet that's also a phone.
February 26, 2013 -- Updated 1725 GMT (0125 HKT)
In the not-too-distant future, you'll receive a full diagnosis and cure from your smartphone before you have even realized you're unwell.
February 25, 2013 -- Updated 1802 GMT (0202 HKT)
The next generation is just a few weeks away for the world's hottest smartphone without a piece of fruit on it.
February 25, 2013 -- Updated 1632 GMT (0032 HKT)
CNN's Kristie Lu Stout explores Barcelona, Spain -- home of the Mobile World Congress 2013 -- using only her smartphone.
February 22, 2013 -- Updated 1241 GMT (2041 HKT)
As CNN heads to Mobile World Congress 2013, we're asking readers what features they want to see on the phones of the future.
February 28, 2013 -- Updated 1632 GMT (0032 HKT)
Is it time to start carrying two mobile phones? At least one manufacturer is hoping more people might soon be relying on multiple mobiles.
February 26, 2013 -- Updated 0019 GMT (0819 HKT)
In the future we will have screens not just in the palm of our hands, but all around us, according to Google's Director of Android User Experience.
February 26, 2013 -- Updated 1423 GMT (2223 HKT)
Wearing spectacles that record our every move could be the end of privacy as we know it, says internet commentator Andrew Keen.
ADVERTISEMENT