Cybersecurity analysts warn motorists of car hacking, recommend trackers, others | #government | #hacking | #cyberattack


In a rapidly changing technology world ravaged by criminal activities, the era of smashing of car windows and hotwiring cars appears over with the emergence of hacking to steal vehicles.

Online sources define car hacking as when someone takes control of one’s car or some of the car’s systems remotely over the internet.

The vulnerabilities of cars have been exploited for many years, but new hacks are now possible due to the now-common internet capabilities of modern vehicles.

This is done by accessing a car’s computer systems through software such as CAN bus, Bluetooth pairing, or via physical access to connectors and ports. Technological advancements seem not to have kept up with the checking of these limitations.

One of the most infamous car hacks occurred in 2015 when two security researchers killed the throttle to a Jeep.

With modern technology, carjacking, jamming, cloning key fobs, defeating immobilisers and scanners are different methods used by hackers to steal someone else’s car. In fact, research shows that in the future, motorists may have to worry about vehicle occupants being driven remotely to specific locations by hackers and robbed of their vehicle.

Recently, the Nigerian Communications Commission warned Nigerians to be wary of hackers now unlocking vehicles for purpose of stealing and other vices, saying the new trend also offered hackers an opportunity to make away with the hacked cars.

According to the NCC, the ongoing cyber-vulnerability allows a nearby hacker to unlock vehicles, start their engines wirelessly and make away with cars.

The NCC stated, “The fact that car remotes are categorised as short-range devices that make use of radiofrequency to lock and unlock cars informed the need for the commission to alert the general public on this emergent danger, where hackers take advantage to unlock and start a compromised car.

“According to the latest advisory released by the Computer Security Incident Response Team, the cybersecurity centre for the telecom sector established by the NCC, the vulnerability is a Man-in-the-Middle attack or, more specifically, a replay attack in which an attacker intercepts the RF signals normally sent from a remote key fob to the car, manipulates these signals, and re-sends them later to unlock the car at will.

“With this latest type of cyber-attack, it is also possible to manipulate the captured commands and re-transmit them to achieve a different outcome altogether. “Multiple researchers disclosed a vulnerability, which is said to be used by a nearby attacker to unlock some Honda and Acura car models and start their engines wirelessly. The attack consists of a threat actor capturing the radio frequency signals sent from your key fob to the car and resending these signals to take control of your car’s remote keyless entry system.’’

This year, Upstream, a cybersecurity and data management platform for connected vehicles, based in Herzliya and Michigan, analysed more than 900 publicly reported cyberattacks on cars in the last decade.

In the report, the frequency of cyber hacks on cars rose by 225 per cent between 2018 and 2021 while the number of remote attacks on cars in 2021 totalled about 85 per cent outnumbering the physical attacks four to one out of which 40 per cent of these remote attacks targeted back-end servers of cars.

Also, keyless entry and key fob attacks account for 50 per cent of all vehicle thefts. Thieves only need to be close to the key fob for a hacker to pick up and reproduce its signal. The top attack categories were data/privacy breaches (38 per cent), car theft/break-ins (27 per cent), and control systems (20 per cent).

Upstream projects that the automotive industry is projected to lose $505bn by 2024 to cyberattacks.

Speaking in the issue, a cybersecurity expert, Olugbenga Odeyemi, stated that car owners needed to they learn about their cars and how to secure them against theft.

On ways to prevent car hacking, he said, “Newer car models have become sophisticated thereby reducing the possibility of hacking into the car system. Older models however are still susceptible to hacking.  Also, using an external steering lock is generally helpful. Most importantly, car owners should get premium insurance coverage. I know this isn’t possible for most people due to the economic situation in the country, but getting a premium insurance cover helps a lot.”

Odeyemi noted that car trackers would help to combat such occurrences, adding “Installing a car tracker will go a long way in protecting the car.  There are sophisticated car trackers that enable you to know the location of the car and also give you access to shut down the car engine. This is an important extra layer of protection for the car.’’

He further stated that in a case where a car has been hacked, the best approach is to report to the relevant authorities and inform one’s insurance company. He advised those with trackers imbued in their cars to shut down the engines wherever the vehicles are parked.

Also, Odeyemi noted that the government had a role to play in combating car theft through any means including equipping the Nigeria Police Force to help track stolen cars.

He stated, “Having a single or centralised car registration database for the whole country will be of great benefit to the entire country. Car buyers can research the history of the said car within the country before purchase. Police and other security agencies can also use this information to track stolen cars and build up their cases against car thieves.

“A situation whereby each state manages a separate database of registered cars is not ideal for a country as big as Nigeria. I know that for the sake of revenue, the current structure is beneficial but it leaves many security loopholes that put car owners at risk. We should work around merging the databases into a single central database and making them available on the internet without exposing the personal details of the car owner.”

In his comment, another cybersecurity expert, and the Managing Director, Agent-X Security Limited, Timothy Avele, said that Nigerians have to start being security seriously before bad things happen.

He said, “Car hackers have more ways to attack modern cars today than ever before. It’s critical that car owners are able to detect suspicious activity at every vulnerable point before it turns into a breach. A great example of early threat detection for car manufacturers as well as owners is Auth0’s anomaly detection, which provides both brute-force and breached password detection.”

Avele further stated that another way to prevent a car from being hacked was through multi-factor authentication. He said, “Just as we protect our bank accounts and other critical digital assets with passwords, and fingerprints, we can do the same with our cars to prevent them from being hacked.”

In his comment, a Nigerian car hacking and tracking expert, David Temitope, opined that the rise in global car theft through hacking was alarming, adding that it would be an issue of concern to cope with such in Nigeria.

He said, “The ignorance of many Nigerians who find it hard to believe things easily will be a great disturbance in this case. In the case of hacking cars, it’s most likely impossible for someone who isn’t tech-savvy to counter it. However, if a tracking device is installed in the vehicle; such a car can be tracked after it has been stolen.

“Imagine an owner of a car that is worth over N2m leaving the car’s protection to chance. This is ignorance. You are meant to put everything in place. Your role as a car owner comes first; car trackers, dash cams, etcetera are important tools for a car.’’    ,,

Copyright PUNCH.

All rights reserved. This material, and other digital content on this website, may not be reproduced, published, broadcast, rewritten or redistributed in whole or in part without prior express written permission from PUNCH.

Contact: [email protected]



Original Source link

Leave a Reply

Your email address will not be published.

forty four − = 40