How can your car be hacked?

Posted on February 28th, 2019 by Rob Marshall

How can your car be hacked?

While the increasing amount of electronics and connectivity is set to evolve our ways of using the motorcar, the criminal fraternity is devising ways of hacking into your car’s systems.

Hacking into the radio frequency of a tyre pressure monitoring system (TPMS) can give false pressure warnings/readings. On a greater scale, should the car’s CAN bus wiring system be accessed, various parts of the car can be shut down, from the air conditioning to the engine. While these security flaws have a safety implication, most hackers wish to achieve a greater personal benefit than simply making mischief – getting control of a high-value vehicle tends to be the priority. With vehicle theft rising in recent years, it is important to be aware of the top five most common methods of ‘Vehicle Interference’ that the criminal fraternity employs:

1. Hacking keyless entry
Rather than stealing your car keys, criminals use a relay box to boost the signal that keyless fobs emit, fooling the car into thinking that an ‘unlock’ and ‘engine start’ request is genuine.

2. Keyless jamming
This works the other way round, where criminals wait for you to alight and use electronic hardware to block any ‘locking’ signal that a keyless fob may send to your car. This results in the doors remaining unlocked, when you walk away.

3. Security App hacking
Expensive security and vehicle location tracking apps have proven not to be impenetrable – some high-end vehicles are fitted with such equipment as standard. Yet, should the software that protects the servers not be sufficiently robust, hackers can not only locate and unlock vehicles but also deactivate all security features and start the engines as well.

4. OBD hack
The On-Board Diagnostics port (as pictured) is one of the most important aspects of car owners retaining their rights to have a vehicle serviced by independent garages. Yet, in the wrong hands, a hacker can start and drive the vehicle away, as well as programming new keys. Some owners of valuable cars relocate the OBD port to a hidden place and fit a ‘dummy’ in the usual place to fool thieves.

5. Phone Phishing
With many new cars being equipped with Wi-Fi, hackers can access your mobile telephone via your car. Should you have any mobile-phone apps that you use to control your car over the Internet (such as systems where you can pre-warm the interior before leaving your home), hackers can steal the information to take control instead. This happened previously several years ago. In addition, your personal data can also be compromised.

What you can do?

Firstly, adopt a common sense approach. Never leave valuable items in the car, especially in an obvious place in full view. This includes loading the car with valuable items, prior to leaving it. Park in well-lit areas, in view of CCTV cameras, if possible. Always lock your car and check the doors manually (of possible – some cars unlock as you reapproach them) and never leave the engine running unattended.

Read the fine print in your insurance policy, to check that you are insured against hacking. You may have to demonstrate to the insurer that you took ‘reasonable care’. Therefore, if you possess a car with a keyless fob, store it away from the front door and even consider locking it in a secure container. Ask also if the true value of your car will be covered – ‘gap’ (or agreed value) policies may be worth considering, come renewal time.

Contact your car manufacturer for advice on how the security systems work and if there is anything that you can do to reduce the risk of being hacked. Consider buying a visual deterrent, such a Thatcham Approved steering wheel, gear lever, or pedal lock.