Cars More Vulnerable to Cyber-Attacks than we Thought?

British Telecommunications (BT) self-hacks to test exposure of connected vehicles to cyber-attacks.

Modern vehicles are becoming more connected by the model.

Wireless features like built-in GPS, Bluetooth and 3G/4G mobile data links can be included with systems for navigation, infotainment and safety tools. What if these connected features were targetable by hackers?

Now I’m not saying that a hacker could take direct control of your car. Wild theories of a similar nature have been posited about whether terrorists could hack an airplanes autopilot.

In-flight WiFi systems are not only separate from flight controls, but if a hacker did somehow take control of the planes autopilot, it could simply be turned off.

But British Telecommunications (BT) believes cyber-attackers could take over certain functions and features of your vehicle. They could also store information on driver’s habits for commercial purposes without their knowledge or consent.

“Vehicles are now connected devices, confronting manufacturers and suppliers with a whole new world of security challenges,” said Hubertus von Roenne, vice president of global industry practices at BT Global Services. “We have seen cars infected with malware while connected to a power charging station – because nobody had expected this would be possible.”

In response, BT announced yesterday their “BT Assure Ethical Hacking for Vehicles” security initiative.

Employing a group of “ethical hackers” among a team of security specialists, BT will imitate cyber-attacks looking for vulnerabilities in their vehicles systems. These vulnerabilities are believed to allow unauthorized alteration of configuration settings or would introduce malware into the car.

The tests will cover interfaces that are accessible inside the car, such as Bluetooth links, USB ports, DVD drives and external connections such as links to mobile networks or power plugs.

To learn more about what devices can be hacked, watch this Tedx Talk with Avi Rubin: