Telematics makers need to really consider data security

Car innovations tend to always be a few years behind the rest of the world. They’re such big products, that even if they bring in a brand new engine, new hi-fi system and other advanced features, they take years to design, prototype and manufacture, so when they eventually hit retail, they’re outdated by everything else in the tech world. However finally, cars are starting to come pre-packaged with pretty intelligent systems, including in some, pre-installed telematics hardware. This is good news for those that want some added function in their vehicle and the potential to reduce their insurance premiums, but something that car drivers and manufacturers are going to have to factor in now, is digital security.

We’ve seen in it movies for years, a police helicopter comes racing down on the bad guys and shoots some kind of device into their car that sends off an EMP signal, shutting down the vehicle or at least slowing it down. Maybe they have a bespectacled “hacker,” helping them from a building nearby. While that vision of vehicles was always left in the realm of sci-fi and poor acting, we’re not far off that sort of technology now as the guys at Vice discovered when they went to try out some of the security flaws with one particular vehicle, which a researcher then hacked from a distance and began controlling certain aspects of.

hack

Using just a laptop and some off the shelf hardware, the tech specialist was able to manipulate the car’s onboard systems to take control of everything. From the comfort of a chair on the other side of the car park, he used a standard laptop to control the car’s brakes, engine and security features with ease. This was achieved by tapping into what’s called the Controller Area Network (CAN bus network). However, the interesting part comes when we learn that the reason he was able to do it, is because this car was fitted with a simple telematics system. Because the vehicle was sending information digitally to the cloud non-stop, it’s connection can be hijacked.

Some of the postulated, nefarious uses for such technology, would be to put all the brakes on suddenly (perhaps only on one side if you really want to cause some problems) during a high speed segment of motorway, or turning off all the driver’s lights when it’s pitch black outside. There’s huge potential for very dangerous situations with this sort of technology, not to mention privacy invasions if your telematics hardware is simply taken over and your data sent to the hackers themselves. 

The reason all of this is possible, is because very little in contemporary cars is manually controlled, in-fact almost everything is mediated by a computer. When you press the throttle or turn the wheel, a digital signal is sent to the part in question and it performs the task absent from your actual physical force driving it. Therefore, hacking that middle-man computer gives you access to just about everything.

Fortunately though, these aren’t hacks that are easy to achieve, or are even possible on most cars (unless yours is absolutely brand new with very advanced systems) and you’d likely need to have a particular vehicle worth going to the trouble of hacking, but this is a proof of concept that car makers and particularly telematics manufacturers need to consider the wireless security of their hardware very seriously, as in the future, we could be looking at roadside hackers as becoming a major terrorist plot that’s practically untraceable.

    Jon Martindale

    Jon Martindale is an English author and journalist, who's written for a number of high-profile technology news outlets, covering everything from the latest hardware and software releases, to hacking scandals and online activism.

    All author posts