As of now, Hackers have got to take their hands on you car. No matter which brand of however advanced car system you’ve got, they will still get to compromise systems of your car. Anything in your car, having nature to be Switched ON of Switched OFF, could be get over by hacking.
Recently, a team of Security Researchers, Andra`s Szijj and Levente Butty`an from CrySys Lab along with Zsolt Szalay of Budapest University has showed some of Car Hacking quests.
Hackers Can Disable your car's Airbags System
|Hackers Can Disable your car's Airbags System|
They demonstrated Audi TT sold by Volkswagen and show that any of the car brands is hackable, what is requires is some of hacking skills in hacker.
They were able to disable Car’s Airbags as well as some other functions. They did it by exploiting Zero-Day-Vulnerability in 3rd party software, from Car’s mechanics.
They also said that Volkswagen has no other faults or anything but there’s 3rd party software with is widely used with the car systems. That is why hackers were able to hack the system.
Most of the car with latest functionalities contains drive-by-wire system. It simply means that most of all the car functionalities are being managed electronically including major parts such as Steering, Brakes, Accelerator and much more.
What if hackers got their hands on this entire system? Well, then practically they will be able to do anything into any cars!
What do they actually do?
Hackers need to get their access to the car system by either of the following:
A. Compromised PC of a mechanic
B. Malicious USB to be plugged in the car.
And that’s it.
Such attach replaces the FTDI DLL which is used in communication with Diagnostic Cable. While system is malicious, it is quite easier for hacker to hack the entire system.
After getting system being infected, hacker is able to compromise everything from the car system. And is able to Switch ON as well as Switch OFF any features.
Butty`an released the statement: "Anything that can be switched on or off from the diagnostic application could have been switched on or off. After switching off the airbag, we can consistently report to the application that it is still switched on."
Is there any worse case scenario?
Yes, there could be more into this. It could be more dangerous if any of the hackers could get to update car’s embedded Control Unit FirmWare through ODB2 Port, by able to inject a Backdoor in such a way that it triggers while car is in motion!
They also said that this is work of POC – Proof Of Concept of some of their previous research by 2011. That was a Paper titled “Comprehensive Experimental Analyses of Automotive Attack Surfaces” by Stephen Checkoway.