Car piracy could become a serious problem in the future. With cars increasingly connected to the internet with each new model, some theorize that we are at risk of a new type of vehicle theft. It is currently incredibly rare, but it has actually happened. Car engines can't be turned off yet, but keyless thefts are a reality. This would bypass the safety of your car and allow would-be thieves to empty your car of all your beautiful possessions.

Keyless entry isn't the only issue here for cars and it's not your only vulnerability. On the bright side, today, you don't have to fear for your physical safety. This does not mean that it will not be the case in the future. Especially as hackers get more sophisticated.

Can your car be hacked ?
Modern "smart" or internet-connected cars can certainly be subject to car hacking. But older cars are vulnerable too, but to varying degrees. Andy Greenberg decided to become a guinea pig for a hacking experiment. Sitting in the back seat, the two hackers had fun with Andy with him at the wheel.

Hackers managed to take control of this Ford Escape remotely. These guys have received funding from the Defense Advanced Research Projects Agency (DARPA) to find safety issues with cars. It seems that the money has been spent wisely. They were successful in messing with the dash controls and other minor systems like the fuel gauge. They also managed to stop the car's brakes from working and alter the steering. Somewhat disconcerting.

The hackers are directly connected to the car in this video, but they have also succeeded remotely.

Can you protect yourself at all ?

If you have one of those fancy, connected, app-enabled and keyless entry vehicles you are not entirely powerless. 

Mercury Insurance has conveniently produced a handy guide to help you find out your vehicle's vulnerability. They even provide information to help you protect your car. They have a large selection of car makes and models on their database and provide you with a vulnerability check score out of 6. It bases the score on a series of hack entry points including wireless tire pressure, Bluetooth, navigation, key fob, in-car WiFi and multimedia systems. All potential entry points for car hacking.

You may think it's just an issue for newer cars, but older vehicles can also be "hacked". We checked an old 2003 VW Golf, for example, and found it had hack vulnerabilities through its fob system. Pretty scary. Though how much overall control a hacker could take remotely for the car is limited, they would be able to gain entry and even start the engine! Damn. Why not check your own car out to see how it shapes up.


• Fobs

The most common issue, by far, is unauthorized entry via your cars fob. Experts suggest protecting the fobs encryption by putting fobs in freezers or microwaves (basically things that act like Faraday cages), wrap them in foil or you can just buy a RFID key fob protector. The latter being the most secure, and frankly a less odd method. Plus you could damage the batteries or forget you put it in the microwave at 3 am in the morning.


• Remove OBD II Dongles

On-Board Diagnostics (OBD) II Dongles are devices that some insurance companies provide to monitor your driving habits. For the "safer" driver it can reap lower premiums. They connect to your vehicle through a port on the underside of the steering column. This obviously provides a very tempting "back door" entry for potential hackers. When it's not in use simply unplug it or have it removed altogether.


• Become phishing resistant

Some cars can be started with your phone. If you can do this so can other people. Some researchers in Norway actually demonstrated this technique. They could steal all of the information to potentially drive away with your car using nothing but a cell phone over a public WiFi.

Phishing can be very convincing, but it's fair to say most of you reading this should be pretty clued up on spotting them. In the Norwegian example, the researchers pushed an offer for a free burger at a nearby "Restaurant". This was offered in exchange for downloading an app to the victim's smartphone in return. This allowed them to access the car, a Tesla Model S no less, from the "infected" phone. Shocking.


• Don't panic

Whilst the idea of someone gaining access to your car through car hacking, or worst, being able to control critical systems, is alarming, don't panic. The real world threat appears to simply be from thieves getting in and taking stuff. They're not likely to start shutting off engines mid-journey but could in the future drive your car away without you knowing. There would be little gain for them doing so unless of course, they wanted to create panic. To date, there have been no reported instances of this actually happening, or even attempted attacks. It is, at present, just a theoretical problem. At least for now.

The risk-reward from internet connected cars are currently far in favor of it. Internet-connected cars are invaluable and provide the user with very useful information from engine performance tracking and maintenance, and provide fantastic data for manufacturers to improve on their future models. They also help prevent accidents and offer in-car assistance for anything from breakdowns to finding the nearest fuel station. Whilst we could potentially face data theft, the overall trade-off is well worth the risk.

Vehicle evolution is not likely to slow down anytime soon. Built in diagnostics, tools and add-on devices, to name a few, will continue to develop and specialize. Manufacturers need to seriously think about the potential vulnerabilities to the vehicle they could offer in the future. Cars and light trucks today are loaded with wireless entry points for car hacking. Though the risk is low at the moment it's certainly worth considering when you decide to purchase a new car.