How Secure are today’s Connected Cars?

IOT News

Hacker-manages-to-access-User-Accounts-of-GPS-Tracking-Apps-Raises-the-Security-concern-for-Connected-Cars How Secure are today's Connected Cars?In a recent set of events last week, a white-hat hacker successfully managed to gain access to thousands of user accounts of two GPS tracker apps, grasping the ability to monitor in real time the locations of tens of thousands of vehicles, along with the capability to turn off the engines for some of those vehicles while they were in a state of motion.

As per reports, the hacker accessed more than 7,000 iTrack accounts and over 20,000 ProTrack accounts – two apps the fleet managers of companies highly rely on to monitor and manage their fleets of vehicles. Furthermore, the hacker with this recent stint was able to track vehicles in a handful of countries – South Africa, Morocco, India, and the Philippines. On some cars, the software can even remotely turn off the engines of halted vehicles or those that are traveling well beneath the 12 miles per hour figure, according to the manufacturer of certain GPS tracking devices.

Let’s deduce what possible outcomes could’ve happened if the hacker had some ill intentions: You’re driving and are in a hurry for an appointment, you set the appointment location on your car’s GPS, and follow the GPS teller’s command, and while driving you end-up on an off-ramp, and then your car’s engine stops. You lose control of the car and crash into the car in front of you. Now on a scale, if this happens on multiple vehicles plying on the freeways of Los Angeles for example, the chaos that may happen is unimaginable.

The hacker, who goes by the name L&M, is a “white hat” hacker who using the possessed skills breaks into systems for the greater good, to warn consumers on the risks of living a hyper-connected life. On infiltrating a network of GPS tracking apps, the hacker noticed that over 27,000 users don’t change their default password i.e. 123456, thus by gaining access to the car’s core system anyone with a hacking ability can remotely shut down the engine.

L&M discussing in an online chat forum, said, “My target was the company, not the customers. Customers are at risk because of the company.”