Sicurezza

Connected cars have an ‘indefensible’ security vulnerability

One of the most attractive promises of IoT-powered connected cars is enhanced safety. Connected cars use the Internet of Things (IoT) to help avoid accidents and control a wide array of safety technologies, from anti-lock brakes to airbags.

But according to security firm Trend Micro, these safety systems are even more vulnerable to hacking than was previously thought. In a blog post published last week, “The Crisis of Connected Cars: When Vulnerabilities Affect the CAN Standard,” the company publicized an effective, vendor-neutral hack that is “currently indefensible by modern car security technology.”

That doesn’t sound good, and it isn’t.

Why this connected car hack is different

According to Trend Micro, this hack affects almost all connected cars, not just those from a specific vendor or that use a proprietary technology: “Is my car affected? Likely, yes.” That’s because the hack attacks the network protocol—called the Controller Area Network, or CAN, which dates back to the 1980s, that connects everything in the car — from parking sensors to airbags to active safety systems to infotainment.