While both scenarios create a greater driving experience, smart technology also represents a brand-new area for malicious use.
Kaspersky researchers analysed aftermarket connected car devices, designed to make vehicles smarter. This niche has proven to be more secure than other Internet of Things (IoT) accessories.
There are currently two ways for car enthusiasts to obtain a connected vehicle – purchase a ‘smart by design’ car from a dealer, or improve their existing car with a number of additional ‘smart-devices’. While both scenarios create a greater driving experience, smart technology also represents a brand-new area for malicious use, as the media and Kaspersky’s own research has repeatedly shown. This is inevitable – when a piece of technology becomes essential, related security issues tend to increase.
With this in mind, Kaspersky researchers set out to discover whether these reports on the security of IoT devices had any impact on manufacturers of smart devices for the automotive industry. The researchers analysed several randomly selected devices, including an OBD dongle scanning tool, a tire pressure and temperature monitoring system, a smart alarm system, a GPS tracker, and an app-controlled dashcam.
The findings were a pleasant surprise: while the IoT industry has often been considered vulnerable, these automotive-related smart and connected devices proved to be quite secure, with no major vulnerabilities exposed. However, several security issues were also revealed: the ability to remotely access driving dynamics data via a scanning toll, the option to manipulate signals from the tire monitoring system, and, most alarmingly, the ability to open vehicle doors using the alarm system. However, all of these elements are either very hard to implement, or bring no obvious or immediate outcome for a criminal.