Protect yourself from hackers taking control of your car
May 2, 2023, 4:05 AM
(Public Domain Pictures Photo)
The right software can turn your smartphone into a spy device that watches everything you do. Scary, I know.
Here’s how to check if your phone is infected.
While you’re at it, check your computer. These are the signs that stalkerware is hard at work tracking your web activity, searches, and even the passwords you type in.
Shockingly, your car isn’t immune. With the proper electronics and software techniques, a determined hacker can intercept or block your key fob signal, infiltrate your car’s software, and even remotely control your vehicle.
So, is your connected car hackable? Most likely, yes. Here’s how.
Compromised car apps: Does your car have a smartphone app that allows you to unlock and start it remotely? Almost every car manufacturer offers this convenience in some makes and models.
Account usernames and passwords protect these apps. If hackers can break into your account or exploit a bug in the car’s software, they can compromise your entire vehicle.
My advice: To protect your remote start app, change the default password, use strong and unique credentials and never reuse your passwords from other services. Enable two-factor authentication if you can, and keep that software current.
Telematics exploits: Telematics is the broad term describing a connected system that remotely monitors your vehicle’s behavior. This data may include your car’s location, speed, mileage, tire pressure, fuel use, braking, engine/battery status, and driver behavior.
By now, you know anything connected to the internet is vulnerable to exploitation. Hackers that intercept your connection can track and even control your vehicle remotely. Now that’s scary.
My advice: Before you get a car with built-in telematics, consult with your car dealer about the cybersecurity measures they’re employing on connected vehicles. If you have a connected car, ensure its onboard software is always up to date.
Networking attacks: Here’s a throwback. Cybercriminals can also employ old-school denial-of-service attacks to overwhelm your vehicle and potentially shut down critical functions like airbags, antilock brakes, and door locks.
This attack is feasible since some connected cars have built-in Wi-Fi hotspot capabilities. As with regular home Wi-Fi networks, they can even steal your data if they infiltrate your car’s local network.
Also, it’s a matter of physical safety. Remember, multiple computers and engine control modules run modern cars. If hackers can shut these systems down, they can put you in grave danger.
My advice: Regularly changing your car’s onboard Wi-Fi network password is a must. Turning off your car’s Bluetooth and Wi-Fi is also a good idea when not in use.
Your home’s Wi-Fi needs to stay locked down, too. Use these steps to find and remove anything that shouldn’t be on your network.
Onboard diagnostics (OBD) hacks: Every newer car has an onboard diagnostics port. This interface allows mechanics to access your car’s data, read error codes and statistics, and even program new keys.
Anyone can buy exploit kits that can utilize this port to replicate keys and program new ones to use them for stealing vehicles.
My advice: Always go to a reputable mechanic. A physical steering wheel lock can also give you extra peace of mind.
In-car malware: Another old-school internet hack reaches connected cars, specifically models with internet connectivity and built-in web browsers.
Crooks can send you emails and messages with malicious links and attachments that can install malware on your car’s system. Anything is possible once the malware is installed.
Car systems don’t have built-in malware protections, so this can be hard to spot.
My advice: Practice good computer safety practices even when connected to your car. Never open emails and messages nor follow links from unknown sources.
Key fob attacks
With the proliferation of cheap electronics and relay gadgets that can be purchased easily online, key fob attacks are more common than ever.
The relay hack: Always-on key fobs present a serious weakness in your car’s security. If your keys are in range, anyone can open the car, and the system will think it’s you. That’s why newer car models won’t unlock until the key fob is within one foot.
However, criminals can get relatively cheap relay boxes that capture key fob signals up to 300 feet away and transmit them to your car.
One thief stands near your car with a relay box while an accomplice scans your house with another. When your key fob signal is picked up, it is transmitted to the box closer to your car, prompting it to open.
Keep reading for steps on how to protect your key fob.
Keyless jamming: In this scenario, crooks will block your signal. Say you issue a lock command from your key fob. It won’t reach your car, and your doors will remain unlocked. The crooks can then have free access to your vehicle.
My advice: Always manually check your car doors before stepping away. You can also install a steering wheel lock to deter thieves from stealing your car, even if they get inside.
How to stop key fob attacks
There are a few easy ways to block key fob attacks. You can buy a signal-blocking pouch that can hold your keys, like a shielded RFID-blocking pouch.
Stick it in the fridge or microwave: Stick your key fob into the refrigerator or freezer. The multiple layers of metal will block the signal. Just check with your manufacturer to ensure freezing your key fob won’t damage it.
The microwave will also block signals. Just don’t turn it on.
Wrap your key fob in foil: Since your key fob’s signal is blocked by metal, you can also wrap it up in aluminum foil. While it’s the easiest solution, it can leak the signal if you don’t do it right. You could also make a foil-lined box to put your keys in if you’re in a crafting mood.
What digital lifestyle questions do you have? Call Kim’s national radio show and tap or click here to find it on your local radio station. You can listen to or watch The Kim Komando Show on your phone, tablet, television or computer. Or tap or click here for Kim’s free podcasts.