Imagine this: You’re cruising down the highway in your new Jeep at a cool 70 MPH when the air starts blasting from the vents. Strange, but not too alarming, right?
You’ve just reached over to turn it off when the radio surges to life and music blares at full volume. You twist the knob and press the off button, but nothing happens. You grow more frantic and perplexed as you drive, trying to keep your eyes on the road as your heart hammers in your chest and the music continues to roar through the Jeep’s cabin.
In the midst of your rising confusion, the windshield wipers turn on and fluid spews across the glass, blurring your vision.
Is your car possessed? Yes, but not by a spirit. the answer flashes on your dashboard’s digital display: two men in tracksuits, Charlie Miller and Chris Valasek.
This story happened in real life to Andy Greenberg, a journalist who willingly signed up to be Miller and Valasek’s subject in a car hacking experiment. The two men had studied car hacking for the past year and discovered a technique capable of accessing not only Jeep Cherokees but thousands of other vehicle models wirelessly via the internet.
Through the decked-out entertainment system, a hacker could gain full control of your car’s radio, dashboard, steering, and even your brakes, all from behind a laptop anywhere in the country.
Your car is subjected to hijacking just like a computer. The suite of technology and advanced safety features in newer models leaves you constantly connected to servers, which puts drivers like you at risk.
But don’t worry; there’s plenty you can do to protect yourself on the road, and it all starts with understanding the basics of car cybersecurity.
Part of being on top of your car’s cybersecurity is having the right coverage. Cyber liability auto insurance exists to protect drivers whose information has been comprised as a result of a cyber attack.
If your car is hacked, stolen, or worse, you can protect your sensitive data. Starting comparing policies to ensure you’re covered from cyberhacking.
Automotive Cybersecurity Defined
Automotive cybersecurity is an umbrella term that encompasses the various tools and techniques used to protect a car’s electronic systems, software, data, communications networks, and more from unauthorized access and control (National Highway Traffic and Safety Administration).
Did you know that vehicle cybersecurity is such a growing sector of the Information Technology industry that it’s become a discipline of academic study at major universities like Carnegie Mellon and Ohio State University?
Knowing the role cybersecurity plays in today’s automobiles helps you understand the importance of protecting yourself and loved ones.
One mistake is thinking digital hijacking is something reserved for people with dangerous backgrounds or sci-fi movies. In 2015, after Miller and Valaseks’ hacking experiment, the first cybersecurity recall was issued by Chrysler. A total of pulling 1.4 million vehicles off the road to correct a major vulnerability found in the software.
How Someone Hacks a Car
It sounds like it would take tons of expensive, high-tech equipment and black market software to gain access to a car, but really all it takes is some time, a computer, and a WiFi connection.
Anyone willing to spend the time learning how to hack into a vehicle can do so, which means you could be at risk every day without any idea.
Today’s cars are all equipped with some type of assistance technology, which requires external computer systems and software to function properly. The car safety features you consider a must-have on your next investment could actually be one of the greatest threats to your security if you don’t understand how to protect yourself.
To hack a car, someone has to identify the weaknesses in a vehicle’s software and technology. There are many loopholes and vulnerabilities that someone with the desire could identify and manipulate.
Some drivers even hack their own vehicles by modifying their car’s software to add new functions and improve fuel efficiency.
Is your car at risk of being hacked?
Certain types of cars are more susceptible to cyber attacks than others. Wired published an article called “How Hackable is Your Car?” that covers the car models most susceptible to being hacked and explored the various features that can leave a car open to hijacking.
All of the data featured is based off a 92-page paper that Miller and Valasek compiled as a result of their car hacking research.
Some of the greatest risk factors for cybersecurity were:
- The size of the “wireless attack surface”, i.e. whether or not you have a Bluetooth system, WiFi capability, keyless entry system, cellular network connectivity, and even vehicle monitoring systems connected to your radio.
- The level of access your car’s software and systems have to your steering and brakes.
- “Cyber-physical” features like automated braking, parking and lane assistance, all of which could be hacked and cause a driver to lose complete control of their vehicle.
The Good News
Although it’s scary to consider your car suddenly being taken control of while you’re still behind the wheel, you aren’t completely hopeless.
The FBI issued a public service announcement in 2016 that warned drivers about the dangers of car hacking and told them to always keep their vehicle software up to date and be vigilant about any recall notifications from manufacturers.
Car hacking might be easier than expected, but thankfully some basic knowledge can help you reduce your likelihood of being affected.
10 Ways to Up Your Vehicle’s Cybersecurity Today
#1 – Keep Your Software Updated
We’ve all delayed a PC or phone update by weeks or even months, but when it comes to cybersecurity, you’ll want to keep your car’s software current at all times.
Manufactures make improvements to vulnerabilities and bugs in their systems with updates, which will keep you safer on the road and make it more difficult for hackers to gain remote access.
#2 – Be Cautious of Third-Party Devices
By purchasing a device that plugs into your car, you’re potentially creating a doorway for hackers. Modern vehicles are all equipped with OBD-II, a diagnostics port that technicians use when testing systems.
Many new third-party devices also plug directly into this port, which could leave access to your car’s software and your driver data wide open.
Make sure that you thoroughly investigate any electronic devices before you buy them. Only purchase from reputable companies, and avoid anything that’s secondhand or sold by a private owner such as on eBay, Craigslist, or the Facebook Marketplace.
#3 – Only Let People You Trust Use Your Vehicle
Discretion is important when it comes to sharing your car. While you may be a Good Samaritan and offer someone a ride, it’s important to use caution when lending your vehicle to another person. Only let those you trust borrow your car and plug devices into your vehicle.
If you’re a rideshare driver, don’t let passengers plug in their devices to your vehicle.
#4 – Stop Using Your Keys Remotely
One of the easiest ways to prevent people from hacking into your car’s push-to-lock system is by forgoing your keyless system and using your central lock button or physical keys to open and lock your car’s doors.
#5 – Place Your Fob in the Fridge
It sounds weird, but there’s science at work behind this practice. Being surrounded by the metal will prevent hackers and thieves from being able to detect signals from your key fobs.
#6 – Use Aluminum Foil
Similar to the fridge technique, wrapping your key fob in foil when you’re not using them can decrease visibility to any hackers looking for a ping.
Holly Hubert, an FBI retiree and cybersecurity expert, says that this inexpensive method blocks electromagnetic signals during the day. While a Faraday bag is a better option, the foil trick works in a pinch.
#7 – Turn off WiFi and BlueTooth
When you aren’t behind the wheel, make sure you shut down all wireless communications and network connectivity. These are easily accessible, common avenues hackers use to detect signals.
#8 – Use Anti-Virus Software to Scan USB Devices Before Use
Your phone can benefit from virus protect just like your computer, and now, so can your car. Use a free anti-virus protection software like AVG to scan any new USB devices before you connect them to your vehicle.
AVG also suggests keeping your car’s WiFi password hidden, i.e. not written anywhere stored in the vehicle.
You could save it as a note on your phone, for example, or leave a password hint in your car that only you know rather than just the password outright.
#9 – Investigate “Save as You Drive” Programs
Many insurance companies offer discount programs to customers that reward them for good driving. In order to qualify, drivers have to plug a monitoring device (called a dongle) into their ODB-II ports.
A professional hacker warned drivers in a 2015 Forbes article that devices like Progressive’s Snapshot dongle have “basically no security technologies whatsoever.”
Although some changes have inevitably been made, there are many companies that most likely haven’t updated their dongles and leave drivers like you vulnerable when you’re just trying to save some money.
#10 – Invest in Some Defense Gear
A traditional steering-wheel lock can act as a deterrent to hackers who want to steal your car. You could also consider a tire lock, kill switch, and similar anti-theft devices.
Protect Your Car with the Right Coverage
You can’t control what happens to your vehicle, but you can make sure you have enough coverage to recover in case of an emergency, theft, or accident.
When you understand the different scenarios you might require a certain type of coverage, it becomes easier to figure out which company really offers the best deal. We can help get you started.
Good car insurance starts with comparison shopping, so start comparing today to protect what matters most.