{"id":29081,"date":"2019-09-17T11:00:34","date_gmt":"2019-09-17T17:00:34","guid":{"rendered":"https://www.webroot.com/blog/?p=29081"},"modified":"2019-11-18T16:02:19","modified_gmt":"2019-11-18T23:02:19","slug":"keeping-your-vehicle-secure-against-smart-car-hacks","status":"publish","type":"post","link":"https://www.webroot.com/blog/2019\/09\/17\/keeping-your-vehicle-secure-against-smart-car-hacks\/","title":{"rendered":"Keeping Your Vehicle Secure Against Smart Car Hacks"},"content":{"rendered":"\n

An unfortunate reality of all smart devices is that, the smarter they get, and the more integrated into our lives they become, the more devastating a security breach can be. Smart cars are no exception. On the contrary, they come with their own specific set of vulnerabilities. Following high-profile incidents like the infamous Jeep hack<\/a>, it\u2019s more important than ever that smart car owners familiarize themselves with their inherent vulnerabilities. It may even save lives.<\/p>\n\n\n\n

Want smart device shopping tips? Make sure your security isn\u2019t sacrificed for convenience.<\/a><\/strong><\/p>\n\n\n\n

Smart Car\nVulnerabilities<\/h2>\n\n\n\n

At a recent hacking competition, two competitors were able\nto exploit a flaw in the Tesla Model 3 browser system<\/a> and compromise\nthe car\u2019s firmware. While the reported \u201cTesla hack\u201d made waves in the industry,\nit actually isn\u2019t even one of the most common vulnerabilities smart car owners\nshould look out for. These, easier to exploit, vulnerabilities may be more\nrelevant to the average owner.<\/p>\n\n\n\n

Car alarms<\/strong>, particularly aftermarket car alarms, are\none of the largest culprits in smart car security breaches. A recent study\nfound that at least three million vehicles<\/a> are currently at risk\ndue to insecure smart alarms. By exploiting insecure direct object reference\n(IDORS) issues within the alarm\u2019s software, hackers can track the vehicle\u2019s GPS\nlocation, disable the alarm, unlock doors, and in some cases even kill the\nengine while it is being used.<\/p>\n\n\n\n

Key fobs<\/strong> are often used by hackers to gain physical\naccess to a vehicle. By using a relay attack<\/a>, criminals are able to capture a\nkey fob\u2019s specific signal with an RFID receiver and use it to unlock the car.\nThis high-tech version of a duplicate key comes with a decidedly low-tech\nsolution: Covering your key fob in aluminum foil will prevent the signal from\nbeing skimmed.<\/p>\n\n\n\n

On-Board diagnostic <\/strong>ports are legally required for all vehicles manufactured after 1996 in the United States. Traditionally used by mechanics, the on-board diagnostics-II (OBD-II) port<\/a> allows direct communication with your vehicle\u2019s computer. Because the OBD-II port bypasses all security measures to provide direct access to the vehicle\u2019s computer for maintenance, it provides particularly tempting backdoor access for hackers.<\/p>\n\n\n\n

Protecting Your\nSmart Car from a Cybersecurity Breach<\/h2>\n\n\n\n

Precautions should always be taken after buying a new smart\ndevice, and a smart car is no exception. Here are the best ways to protect your\nfamily from a smart car hack.<\/p>\n\n\n\n

Update your car\u2019s firmware<\/strong> and keep it that way. Do\nnot skip an update because you don\u2019t think it\u2019s important or it will take too\nmuch time. Car manufacturers are constantly testing and updating vehicle\nsoftware systems to keep their customers safe\u2014and their brand name out of the\nnews. Signing up for vehicle manufacturer recalls and software patches will\nhelp you stay on top of these updates.<\/p>\n\n\n\n

Disable unused smart services.<\/strong> Any and all of your\ncar\u2019s connectivity ports that you do not use should be turned off, if not\naltogether disabled. This means that if you don\u2019t use your car\u2019s Bluetooth\nconnectivity, deactivate it. Removing\nthese access points<\/a> will make your car less exposed to hacks.<\/p>\n\n\n\n

Don\u2019t be a beta tester.<\/strong> We all want the newest and\nhottest technologies, but that doesn\u2019t keep us at our most secure. Make sure\nthat you\u2019re purchasing a vehicle with technology that has been field tested for\na few years, allowing time for any vulnerabilities to be exposed. Cutting-edge\ntechnologies are good. But bleeding edge? Not so much.<\/p>\n\n\n\n

Ask questions when<\/strong> buying your vehicle<\/strong> and\ndon\u2019t be afraid to get technical. Ask the dealer or manufacturer which systems\ncan be operated remotely, which features are networked together, and how those\ngateways are secured. If you\u2019re not comfortable with the answers, take your\nmoney elsewhere.<\/p>\n\n\n\n

Advocate for your security.<\/strong> As smart cars become so\nsmart that they begin to drive themselves, consumers must demand that\nmanufacturers provide better security for autonomous and semi-autonomous\nvehicles.<\/p>\n\n\n\n

Only use a trusted mechanic <\/strong>and be mindful of who you\ngrant access to your car. OBD-II ports are vulnerable but necessary, so\nskipping the valet may save you a costly automotive headache down the line.<\/p>\n\n\n\n

Keep the Conversation\nGoing <\/strong><\/p>\n\n\n\n

As our cars get smarter, their vulnerabilities will change.\nCheck back here<\/a> to keep yourself\nupdated on the newest trends in smart car technologies, and stay ahead of any potential\nthreats.<\/p>\n\n\n\n

<\/p>\n\n\n\n

\n\n\n\n

<\/p>\n","protected":false},"excerpt":{"rendered":"

An unfortunate reality of all smart devices is that, the smarter they get, and the more integrated into our lives they become, the more devastating a security breach can be. Smart cars are no exception. On the contrary, they come with their own specific set of vulnerabilities. Following high-profile incidents like the infamous Jeep hack, […]<\/p>\n","protected":false},"author":109,"featured_media":29085,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[2985],"tags":[],"yst_prominent_words":[3959,25001,9067,24993,24989,24999,24991,20009,9165,8293,24995,3479,5463,24983,24985,24987,21583,24997,25003,9065],"acf":[],"_links":{"self":[{"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/posts\/29081"}],"collection":[{"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/users\/109"}],"replies":[{"embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/comments?post=29081"}],"version-history":[{"count":1,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/posts\/29081\/revisions"}],"predecessor-version":[{"id":29087,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/posts\/29081\/revisions\/29087"}],"wp:featuredmedia":[{"embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/media\/29085"}],"wp:attachment":[{"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/media?parent=29081"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/categories?post=29081"},{"taxonomy":"post_tag","embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/tags?post=29081"},{"taxonomy":"yst_prominent_words","embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/yst_prominent_words?post=29081"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}