Driving is already dangerous enough, especially in this season of winter storm warnings, but it turns out your car may contain more hidden hazards than you realize. The next frontier for hackers could be the wireless and Bluetooth tech used in your car, according to a report commissioned by the office of Senator Edward Markey (D-Mass).
The report, called Tracking & Hacking: Security & Privacy Gaps Put American Drivers at Risk, found that nearly 100 percent of vehicles on the market come with wireless entry points or WEPs that could be a way in for hackers. Those WEPs include Wi-Fi keyless entries, remote starts, radio, and navigation and anti-theft systems.
Manufacturers collect information like fuel levels and tire pressure, as well as items like where the vehicle is parked, locations keyed into the GPS and how long the car stays parked at a destination are all recorded. They are often stored and sent to “third-party data centers” with varying degrees of security. When there are data collection policies, there is often not a clear-cut way, if at all, to opt out.
Most car manufacturers who were interviewed for the report “were unaware or unable to report on past hacking incidents.” The ones that were able to respond offered varying solutions to how they would react to real-time hacking incidents.
For example, one company said it could disable the vulnerable features; another said that it could slow down and stop the hacked car if it was in motion and a third said similarly that it would remotely place the car in a “fail-safe mode.”
Sen. Markey’s office submitted queries about consumer security to 20 car manufacturers. The office says it did not hear from Aston Martin, Lamborghini and Tesla Motors, but did receive answers from BMW, Chrysler, Ford, MG, Honda, Hyundai, Jaguar Land Rover, Mazda, Mercedes-Benz, Mitsubishi, Nissan, Porsche, Subaru, Toyota, Volkswagen and Volvo.