If you have a modern car with GPS, emergency call service, computerized starting, braking and so on, the possibility is quite real criminals are now learning to circumvent your security and take control of such systems, open doors, start it up without a key and disable locator signals as they go for a joy ride to your friendly neighborhood chop shop.
Such are the conclusions to be drawn from a report filed with the National Academy of Science by Tadayoshi Kohno, an assistant professor of computer security at the University of Washington in Seattle, and Stefan Savage, a professor of computer science and engineering at the University of California at San Diego, detailed in The Inquirer by Scott Sturgis.
"Who'd have ever thought this?" said Kohno in conference over the phone, along with a doctoral candidate from each school. "This is still very forward-looking."
The students used the auto’s telematics to break into the car's controls. GPS, Bluetooth technology that enables so many modern conveniences, also creates a back door for those with ill intent.
"We could call up the car and remotely compromise its telematics system and take over control of the components of the car, disable the brakes, start the car, bypass the immobilizer system," said Karl Koscher, a doctoral student at the University of Washington.
The students and researchers were unaware of this having been done with criminal intent, however Omar Ramos-Lopez was arrested in Austin Texas on March 18, 2010 for using “an internet service to remotely disable ignitions and set off car horns of more than 100 vehicles sold at his old workplace,” an auto-dealership that used the service to immobilize the cars of buyers delinquent in their payments.
"He caused these customers, now victims, to miss work," Austin police spokeswoman Veneza Aguinaga said in the AP article by Jeff Carlton. "They didn't get paid. They had to get tow trucks. They didn't know what was going on with their vehicles."
The dealership installed GPS immobilizers so they could repossess cars from those who failed to make payments. Car horns could be activated if the cars were hidden from view when the repo man arrived.
"We are taking extra measures to make sure this never happens again," Jeremy Norton said, a controller at the Texas Auto Center dealership where Ramos-Lopez worked.
So you should have no fear as your governmental watchdogs are near.
"The government and industry are conducting research to assess any cyber vulnerabilities in electronic-control systems of vehicles today and future vehicles as they grow more connected through vehicle-to-vehicle technologies," a spokesman for the National Highway Traffic Safety Administration stated.
We were taught in physics that for every action there is an equal and opposite reaction. It would seem for every advance in security, there is an equal and opposite move towards insecurity – or so it looks sometimes.