A Chinese hacker who goes by Daishen claims he can hack the Volkswagen Toureg, Audi A6, Audi A7 and more, without an internet connection through the car’s GPS and stereo systems exploiting the flaws in car’s security layers. Craig Young, Cybersecurity Researcher for Tripwire commented below on this claim.
Craig Young, Cybersecurity Researcher, Tripwire:
“Early automobile hacking did not actually involve internet connections. University of South Carolina and Rutgers researchers demonstrated in 2010 that it was possible to gain control of a car’s onboard computers by exploiting the wireless tire pressure monitor even with the car moving 60mph. Bluetooth stacks used in entertainment systems have also been shown over the years to expose attack surface.
Hacking GPS systems has become much easier in recent years with considerable improvements in software defined radio. For well under $500, anyone can get started spoofing GPS satellites now. This means that flaws within these layers are readily within reach of a moderately advanced attacker. It is also not surprising to hear that computer systems on cars are still not doing an effective job at authenticating access. Auto manufacturers must take the risk of car hacking seriously especially in a post Miller/Valasek world. (This hacker duo turned the idea of car hacking on its head when their DARPA sponsored research led to a massive recall by Fiat Chrysler of America.)
Fortunately the industry is evolving to introduce bug bounties and support the security community at events like DEF CON. This year will mark the second “car hacking village” at DEF CON, an area where security enthusiasts and auto engineers can learn about the problems of auto security.”
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Celebrating Data Privacy Day – 28th January 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Most Active Commenters
Recent Comments
Chat systems such as Slack and Teams need to be…
“This is a sophisticated phishing scam that will catch out…
“Cybersecurity is increasingly complex, in part, due to the interconnected…
“Unfortunately, time and time again we see NGOs, hospitals and…
As I have always said - it is verified trust…