(GEARBRAIN) DEC 12, 2015 – GearBrain unlocks the strategies to help you stop bad guys from gaining access to your car. How do you prevent this from happening? While experts agree we’re not yet at the point where you have to carry bitcoin to pay off hackers holding your connected car for ransom, there are some things you can do. GearBrain outlined 12 ways to secure your vehicle from digital marauders:
1. If your car seems to be operating with a mind of its own — windows roll up or down electronics acting on their own, or someone else seems to be steering, turn the car off immediately. Call AAA or another service group to have them towed the car back to the dealer, experts say. Do not drive your car to the dealer on your own.
2. Just like your computer, keep up to date with firmware upgrades and download when they’re needed, says Tyler Moffitt, a senior threat research analyst at Webroot, an Internet security firm. Owners of vulnerable cars (see: Is Your Car Vulnerable to a Hack?) should go to the site driveuconnect where they also will find a handy instructional video. Your dealer can do that, too.
3. Disable unused services. If you don’t use Bluetooth connectivity with your cell phone, deactivate that feature in the vehicle if possible. While fun to be able to link your smartphone to your car — hackers can use that gateway as well.
4. Educate yourself. “Can the car’s infotainment and wireless systems be operated remotely,” asks Webroot‘s Moffitt. Learn what features the vehicle uses networking for — and make sure these gateways are secured.
5. On-car Wi-Fi hotspots are a potential issue. So if you’re going to use one, or install one, make sure you’ve covered all the details on securing the area. GearBrain has a good demonstration here.
6. All you need is physical access to the on-board diagnostic port to reprogram the car’s computer and upload a virus — one that could take control of your car. So only use a trusted mechanic and be very wary of valets, says Craig Young, security researcher with software maker Tripwire.
7. Don’t leave documents that contain the password information in the car, says Webroot‘s Moffitt.
8. Beware of after-market devices like radar detectors or smart driving assist devices. They may not be held to the same standard as those from the original automaker, adds Moffitt.
9. Sign up for dealer or manufacturer recalls and software updates which should include software patches for wireless vulnerabilities, says Robert Siciliano, CEO of IDTheftSecurity.com and an identity theft expert.
10. “Buy cars that have been field tested, that have been on the road for a year or two,” says Maryanna Saenko, research analyst at Boston-based Lux Research Inc., an independent research and consulting firm focused on emerging technologies.
11. Don’t waste time looking for plug and play antivirus products for your car, as there are for your computer. There just aren’t any yet on the consumer side. “The best products are available to manufacturers to allow them to immunize their code against change and to prevent data being hacked or reconfigured. Generally these remediations fall into the category of tamper proofing and White Box Cryptography tools,” says Inside Secure’s Andrew McLennan, president, North America.
12. Finally, get political. As self-driving cars become a reality, securing them is going to be a high-priority. Start demanding manufacturers provide better security for vehicles. Press your elected federal representatives to do the same.
Is Your Car Vulnerable to a Hack?
Tyler Moffitt, a senior threat research analyst at Webroot, an Internet security firm, lists the following cars as potentially in danger of being hacked. Talk to your dealer if your car is listed below.
2015 Chrysler 200
2015 Chrysler 300
2015 Dodge Challenger
2015 Dodge Charger
2014-15 Dodge Durango
2013-15 Dodge SRT Viper
2014 Jeep Cherokee
2014-15 Jeep Grand Cherokee
2013-15 Ram 1500 pickup
2013-15 Ram 2500 pickup
2013-15 Ram 3500 pickup
2013-15 Ram pickup (Mexico)