PHILADELPHIA (CBS) – It is supposed to be the height of convenience — a remote or smartphone app that starts you car and controls some of its functions. But, like most technology, it has its weaknesses — and this one could expose you to a whole different kind of carjacker.
You may have seen the commercial: a man calls his wife, and asks her to start their car from afar.
(Woman:) “Last time.”
(engine turns over)
(Man:) “Oh! Sweet.”
But what happens when a hacker gets his hands on it?
“We were able to unlock the doors remotely, and we were able to start the engine. And if we wanted to, we could have driven off with the vehicle,” said Don Bailey of iSEC Partners, a security consultancy company.
Bailey was able to take control of a Subaru that had an ignition and security system with a remote cellular connection. But, he says, it could work on other similarly equipped cars on the market and worse.
“They can also perform the same attack against critical infrastructure that we use day-to-day to ensure lives are running smoothly,” Bailey said.
He says some traffic lights, ATMs, even water treatment plants that use the same technology are vulnerable because companies have let cell network security slide to cut production and consumer costs.
Reported by Ian Bush, KYW Newsradio 1060