More evidence connectivity is outpacing security
Hot on the wheels (sorry, couldn’t resist!) of the uConnect hack comes another concern-causing car finding. This time, researchers at the University of California San Diego announced their discovery of a method that allows them to to hack thousands of different vehicles from a distance using the onboard diagnostic devices employed by insurance companies to determine details like traveling speed and location. The trigger? A simple text, send to the device’s cellular radio.
The team announced their findings via a YouTube video that quickly made the rounds on the ‘net:
The researchers did inform distributor Metromile about the vulnerability in its onboard devices, and the organization pushed out a wireless update which plugged the hole. While this org did the right thing, it scares us to even try to estimate the number of others who would insist on waiting until there was a major public incident before engaging in crisis management for the potential problems. Or who would actively exploit it!
With the race to plug everything from cars to toasters into the Internet in full swing issues like this are going to appear again and again. As usual, tech is outpacing security measures, and while it’s creating a field day for hackers both white hat and criminal-minded it should be creating an equal number of concerns among those who haven’t already planned and prepared for the eventuality of a hack in the products they create, distribute, or use on a regular basis.
Erik & Jonathan Bernstein