• Car viruses? Do you even believe they exist?



    By the time you see this headline, the first question that pops into your mind is: Could a Car get a Computer Virus? Well the answer to that question is a capital YES!

    In the past, car viruses were rare because one of the only ways to infect a vehicle was by a mechanic and via the computer or software he used to diagnose problems with the car.

    More than 100 Texas drivers could have been excused for thinking that they had really horrendous luck or -- at least for the more superstitious among them -- that their vehicles were possessed by an evil spirit. That's because in 2010, more than 100 customers of a dealership called Texas Auto Center found their efforts to start their cars fruitless, and even worse, their car alarms blared ceaselessly, stopped only when the batteries were removed from the vehicles [source: Shaer].
    What seemed to some to be a rash of coincidence and mechanical failure turned out to be the work of a disgruntled employee-turned-hacker. Omar Ramos-Lopez, who had been laid off by the Texas Auto Center, decided to exact some revenge on his former Austin, Texas employer by hacking into the company's Web-based vehicle immobilization system, typically used to disable the cars of folks who had stopped making mandatory payments [source: Shaer]. Besides creating plenty of mayhem and generating a flood of angry customer complaints, Ramos-Lopez, who was eventually arrested, highlighted some of the vulnerabilities of our increasingly computer-dependent vehicles from a skilled and motivated hacker.
    Although Ramos-Lopez's attack generated a lot of attention, his hacking was fairly tame compared to the possibilities exposed by analysts at a number of different universities. Indeed, in 2010, researchers from the University of Washington and the University of California at San Diego proved that they could hack into the computer systems that control vehicles and remotely have power over everything from the brakes to the heat to the radio [source: Clayton]. Researchers from Rutgers University and the University of South Carolina also demonstrated the possibility of hijacking the wireless signals sent out by a car's tire pressure monitoring system, enabling hackers to monitor the movements of a vehicle.
    Taken together, these events show that cars are increasingly vulnerable to the sort of viruses (also known as malware) introduced by hackers that routinely bedevil, frustrate and harm PC users everywhere. Obviously, this has real implications for drivers, although the researchers themselves point out that hackers have not yet victimized many people. But the ramifications are clear.
    "If your car is infected, then anything that the infected computer is responsible for is infected. So, if the computer controls the windows and locks, then the virus or malicious code can control the windows and locks," says Damon Petraglia, who is director of forensic and information security services at Chartstone Consulting and has trained law enforcement officers in computer forensics. "Same goes for steering and braking."




    As high-technology continues to creep into horseless carriages everywhere, there's one thing we can all count on: abuse of that technology. According to Reuters, Intel's "top hackers" are on the case though, poring over the software which powers the fanciest of automobile technology in hopes of discovering (and dashing) various bugs and exploits.
    Except under the most specific of scenarios, the damaging results from an attack against an unsuspecting user's personal computer are often limited. Hackers may be able to cripple a computer, invade a user's privacy or even steal someone's identity. Causing personal injury or death though, is typically out of the question. However, with an increasing amount of technology and software proliferating modern vehicles, this could all change. 
    "You can definitely kill people," asserts John Bumgarner, CTO of a non-profit which calls itself the U.S. Cyber Consequences Unit.
    As outlined in the following publication, Experimental Security Analysis of a Modern Automobile (pdf), researchers have already shown that a clever virus is capable of releasing or engaging brakes on a whim, even at high speeds. Such harrowing maneuvers could potentially extinguish the lives of both its occupants and others involved in the resulting accident. On certain vehicles, researchers were also able to lock and unlock doors, start and disable the engine and toggle the headlights off and on.
    Ford spokesman Alan Hall assures us, "Ford is taking the threat very seriously and investing in security solutions that are built into the product from the outset". Ford has been an industry leader in adopting advanced automotive technologies.
    Thus far, there have been no reported incidents of injury or death caused by automobile hacking. That's according to SAE International, a major standards committee for automotive and aerospace industries.
    When asked by Reuters whether or not there had been any such reports, most manufacturers declined to comment. However, McAfee executive Bruce Snell claims that automakers are still very concerned about it. Snell admits, "I don't think people need to panic now. But the future is really scary." McAfee, which is now owned by Intel, is the division of Intel investigating automobile cyber security.

    We can only hope and pray that solution arrives early enough before this viruses are being released en-masse which could endanger the lives of innocent car owners.

    5 comments → Car viruses? Do you even believe they exist?

    1. Was talking to a mechanic about this just last year. Had to get a new transmission put in the family car because a sensor went bad & the computer arbitrarily decided to throw the transmission into reverse while I was driving down the expressway. With the amount of computer controlled systems in new & upcoming autos (esp. with German cars), it's only a matter of time before bugs & malicious code start wreaking their havoc on commuters.

    2. What a thought provoking article!!

      I have long seen mechanics using diagnostic tools that plug into a recepticle of the electronics of autos - mine and others' of course. But in chatting with one of my mechanics I learned that they connect these diagnostic appliances to their PCs with USB cables to download updates!!

      Therein lies a HUGE exposure. Think about it; if they are downloading diagnostic updates from a site that has been compromised, they may well be getting the updates with malicious code!! YIKES!

      The exposure exists just like any time we connect private networks or systems to public networks, but the real risk is in the hackers' ability to craft their code to the hardware and OS of the automobile's systems. Not knowing anything about OS's or file structures of each model auto, I can't offer a real risk analysis, but obviously there aren't going to be more than a few combinations across all auto types, so the potential for damage is there with out doubt!

      Well, yet another Anti Virus opportunity for the AV software vendors and one more thing to make our cars/trucks start more slowly

      :-D

    3. Every device which uses internet, GPRS or G3 service may cause virus to your device. So save your device from viruses trough anti virus.

    4. Or, for the paranoid (read just careful) drive an old car pre-injection, manual or old-school (Non-computer-controlled) auto
      Anything pre 1970s should fit the bill. Plus you can do most mechanical repair work yourself. Older cars ofter have great classic car club and industry support.

    5. Find the latest used and new cars for sale.
      Great used car deals and prices.
      More here cars for sale USA