Car hacking can be accomplished as easily as 1-2-3. All it takes is a great song shared with you by an acquaintance on a CD that you play in your car. While you are moving to the beat of the music and singing along, a malicious file on that innocent CD is exploiting a vulnerability in your car radio. You will never know that this spyware installation is even taking place.
Innocently installing spyware programmed onto a CD is just one example of how access can be gained to your vehicle. Anyone who can access your vehicle may also access the vehicle’s computerized network, and by so doing, completely control most of its components. This allows for a number of espionage exploits, including the ability to listen in to all of your conversations; acquire sensitive GPS data that indicates your travel location; override your vehicle’s theft prevention system; fully lock up your brakes, potentially on a busy expressway or in a remote area; and deactivate your vehicle’s safety functions and accessories.
Security is very important today because computers are networked together. In newer computerized cars, there are a variety of different systems that could be compromised, including Bluetooth devices, CD players, internet radio frequencies, cellular phone connectivity, wireless key fobs, tire sensors, iPods/USB drive ports, among others (2011 report by researchers at the University of California, San Diego, and other institutions). Another danger zone arises in some vehicles that are able connect to the Internet over Wi-Fi or 4G networks. Most of the vehicles at risk are those with computerized controls that are connected to the outside world wirelessly. These connections bring live streaming audio and video, Twitter feeds, spoken text messages, and current traffic information into the vehicle.
Outside parties can also gain access to your vehicle through diagnostic tools used by car dealership service personnel. Diagnostic maintenance tools can be used to exploit vulnerabilities in your vehicle, and vehicle owners need to be careful about who is permitted to access their car, especially technicians accessing the OBD-II diagnostic port. This port is commonly located at the bottom of the dashboard panel next to the steering column. Using this port, one could insert a malicious component into a vehicle’s internal network. The malware only requires a short time period of connectivity to embed itself within your vehicle’s components.
In addition to virtual access issues, your vehicle can also be compromised by physical methods. This includes valet parking attendants, a person who borrows your car, the previous car owner, an ex-friend, and just about anyone with momentary access to the vehicle. A well-established method of surveillance that has been widely used is a car tracker attached to a vehicle for the purpose of covertly monitoring the movement of that vehicle. Although this method has been around for a while, it’s still one of the most preferred for tracking, and will not be obsolete for many years to come. This is because of the availability and low cost of such tracking devices, and the ability to quickly and simply apply them to any vehicle without application technology.
As professional Technical Surveillance Countermeasures (TSCM) practitioners, we are concerned about protecting our clients. Your vehicle can serve as an integrated connection to your office and home, and a means of communication to compromise your privacy. It is very important to safeguard your vehicle from espionage efforts that may be employed to breach your privacy and access your information.
Click on the link to Learn More about Spy Sweep Services
