— Should the typical car owner worry about their car coming under the control of hackers? The FBI says the answer is yes, we should all worry enough to take precautions with our vehicles.
While the auto industry is busy turning vehicles into roaming 2-ton wireless devices, the FBI has issued a warning about potential cybersecurity threats. The government says it's important to recognize vulnerabilities in equipment that comes standard in cars and in aftermarket devices purchased by consumers.
According to the FBI, vehicles are "increasingly vulnerable to remote exploits," something that will continue to grow as cars become self-driving computers. The primary problem lies in the electronic control units (ECUs) that control steering, braking, acceleration and even the lights and windshield wipers.
In addition, ignition controls, keyless entry, navigation systems and a host of other features depend on wireless technology that can be hacked. The FBI says automakers are trying to limit how vehicle wireless communications and diagnostic ports interact, but these new connections provide additional portals to attack the vehicles from the outside.
Recent hacker attacks have shown the dangers of vehicles that are always connected wirelessly, especially with the example of a Jeep Cherokee hacked by friendly researchers testing the system.
Using a laptop in a basement allowed two researchers to take control of the Jeep through the radio/infotainment system. The hackers found when the Jeep was traveling less than 10 mph, they were able to shut down the engine and disable the steering and brakes.
Further, researchers could control the door locks, turn signals, tachometer, radio/GPS and heating and cooling systems no matter what speed the Jeep was traveling.
The National Highway Traffic Safety Administration was concerned enough to open investigations into the electronic vulnerabilities, and Chrysler recalled about 1.4 million Jeeps after word of the hack reached the public.
The FBI says consumers should do what they can to limit the chance of being hacked, including by watching for recall notices that involve software updates. However, be careful if you get an email that says your car is recalled and you need a free software download. One wrong click could expose you to more harm by opening your device to malicious attacks.
Also be suspicious if a free USB drive appears in the mail with instructions on how to use it, yet the drive is something you weren't expecting. A real official recall will always give you the option to bring the car to a dealer for software updates, so don't hesitate to contact the dealer with questions.
The government also says to be careful about connecting third-party devices to the car, especially devices that connect directly to the diagnostic port. And lastly, be careful who you let access your vehicle by treating your car like your computer or smartphone.