The good news for BMW was the Chinese hackers were benevolent enough.
Staffers at Keen Security Lab, a cybersecurity research unit, last year discovered a range of security soft spots in three BMW models. Those vulnerabilities could be exploited by less altruistic hackers to remotely gain control of a vehicle.
The lab’s researchers described their findings in a technical report. It stopped short of publishing information that could be turned into a hacker’s handbook.
Ami Dotan, CEO and co-founder of Karamba Security in Bloomfield Hills, MI, cited the BMW breach during a presentation at the Center for Automotive Research’s annual Management Briefing Seminars here. Cybersecurity is a big topic of discussion at the annual auto conference, notes CAR CEO Carla Bailo.
Dotan paints a dark picture of what malevolent hackers could do to gain control of new vehicles, vehicles becoming more and more connected – and consequently more vulnerable to cybercriminals – and which may have more than 100 million lines of software code.
“With hackers, don’t call them, they’ll call you,” he says of their criminal outreach capabilities.
Automakers are well-aware of the problem, although European brands seem to be “leading the pack” when it comes to cyber-crime-fighting, Dotan says.
Among defensive solutions available is employing a system of real-time codes that change to thwart hackers, who might range from high-tech car thieves to diabolical wrongdoers who take control of a car and send it off a cliff.