What is a ‘cracker’ and how could they manipulate the brakes of your car or start it without the key

by time news

S. M.

Updated:05/23/2022 00:49h

Save

The great technological advances in the automotive sector arrive almost at the same time as cybercriminals. The more connected we are, whether at home, mobile or in the car, the more likely it is that we will be victims of some form of cybercrime or cyber attack. Now they are called ‘cracker’ and could even, remotely, modify the software of a vehicle, according to the General Directorate of Traffic (DGT). But the action of computer criminals with the car or the motorcycle is not something new. Already in 2010, a team of researchers from the universities of Seattle and California (USA) demonstrated that the latest generation cars were vulnerable to cyberattacks and managed to hack two vehicles that disabled the brakes and the engine remotely and when they were underway.

The attacks multiplied until in 2018 the FBI alerted the manufacturers that they were in the crosshairs of the ‘crackers’.

And just a few weeks ago a cybercriminal named David Colombo He warned the world that he had control of 25 Tesla electric cars in 13 different countries due to a mistake by the owners and without them being aware of the attack. A disturbing drift that has put Interpol on guard, which states on its website: “Cybercrime is growing at a very fast pace. They operate on a planetary scale, coordinating attacks in a matter of minutes.”

However, component manufacturers have been working for years and the UN has already developed a standard that unifies criteria and requirements, and implements the minimum cybersecurity bases for all vehicles. For its part, Cesvimap (Mapfre’s Center for Experimentation and Road Safety), lists the measures that manufacturers will have to take. “The UNECE Regulation requires manufacturers to maintain a certified Cybersecurity Management System that must be evaluated and renewed at least every three years.” Without it, manufacturers and suppliers will not be able to homologate or sell vehicles, components or software in the EU after June 2022.

Some examples are, using the bluetooth system so that when the phone and vehicle are linked, it can obtain a dump of your data and personal information, use it to know your position and spy on you, harass you, impersonate your identity… It can also attack the e-call or emergency call system to prevent assistance in the event of an accident. In addition, it can activate or deactivate the airbags, take control of the steering and brakes to cause an accident, provide you with false information through the GPS or the radio’s RDS system…

Even Ford has for the first time made available to vehicle owners its reinforced security system connected to a smartphone, SecuriAlert (previously known as Guard Mode). Once activated, it sends a notification to the vehicle owner’s smartphone if it identifies any activity in the vehicle, including attempts to open the doors or gain access with the key, providing customers with peace of mind when their cars are out of sight, or of the ear.

And we must not forget about autonomous or electric cars, with which new forms of attack are opened: for example, to your electrical system or the recharging point to cause from an expensive breakdown or steal, to cause a fire with the consequent fatal risk.

See them
comments

You may also like

Leave a Comment