Vulnerability is Starting to Show on Many Fronts

Samy Kamkar

RollJam

The announcement was made several months ago that the GM OnStar system wasn’t quite as secure as GM and OnStar thought it would be.  The hacker that got into the OnStar system was Samy Kamkar and he showed exactly how vulnerable these vehicle systems can be and made it so GM would begin to work on a solution to this hack and make sure it or one like it could not happen ever again.  With this hack the security we feel around us was breached and we got the feeling of massive vulnerability in our lives from an area we normally feel safe.

Why we depend upon computerized systems to be secure and able to take care of us without offering any breach of security is certainly a wonder.  We have heard of and witnessed many hackers that have gained access to various banking systems, different utility systems and as they have become more and more computerized, the automotive industry.  We know every time we get on our computers there is the possibility that we are exposing ourselves to a virus or a hacker to get our information and do what they want to with our personal and financial data.

With identity theft at an all-time high and the need to keep systems more secure than ever, car companies need to do more to ensure vehicles are more secure especially their computer systems.  The thought that at any time someone could hack into a system and take part of your vehicle off line is a frightening one and when autonomous vehicles become more popular and actually sellable this will be a real threat that will certainly need to be kept free of hacking in more than one way.  The benefit right now is the systems a hacker could take down aren’t typically those that drive or control the vehicle.

Another part of the security needed comes from something as simple as our remote key fob.  Many vehicles are not being built without exterior door locks that use a key to unlock at all and even those that have them also have the remote key fob to unlock the vehicle from a distance.  The codes used for these key fobs have for a long time used a rolling code in order to keep them from being hacked, but one such hacker has found a way and that person was one in the same Samy Kamkar.

With around $30 worth of parts and pieces Kamkar built a device that can steal the code from the key fob in order to unlock the vehicle.  With a rolling code you wouldn’t think this would be possible, but the vulnerability here comes in the fact that the codes do not actually ever expire.  This is the case even though the codes never can be used twice which means if you can somehow intercept the code and it does not get used the first time then you can hack into a car using the key fob code that has been stolen.

This little device is called the RollJam and is capable of stealing the code sent by the key fob prior to it actually reaching the vehicle, keeping it from making it to the vehicle.  This item can then use the code to open the car doors using the code to unlock the door the second time an owner attempts to unlock the car and then steals the second code which never gets used by the car owner.  This would allow a thief to come back later and steal whatever they wanted from a vehicle because they would have a code to enter the vehicle with.

It’s time to change some of the thoughts about vehicle security, especially if vehicles are to move forward and be closer to autonomous in nature.  Even though the systems that are online now are not ones that are necessary for the operation of a vehicle this will continue to change over the next few years and with simple items such as key fobs that can be hacked, where is the next security breach going to come from, or are we going to be well ahead of the hackers and have security that we can trust.

Be the first to comment

Leave a Reply

Your email address will not be published.


*