Connected cars are growing in popularity as the Internet of Things is taking the world by storm. Cars with internet access are becoming increasingly common, as most luxury cars come with some form of external connection or app integration.
With a mobile app for almost anything from online banking to fitness trackers, it’s unsurprising that car-controlling apps are quite popular, with most popular brands having several tens of thousands, or even millions, of users.
Using a car-controlling app will make it possible to get GPS coordinates of the car, trace its route, open its doors, start the engine and turn on auxiliary devices, all of which are very useful and used by millions of people.
However, if a car thief were to gain access to a mobile device that has that app installed, then car theft would be easy as pie.
Mark James, ESET IT Security Specialist, discusses how these apps could be made more secure against hackers.
“With the perceivable ‘need’ for apps to connect to virtually everything we interact with these days, it’s easy for their urgency to overrule their security.
“But with our quest to control everything from our smart phones our very safety is at stake here, not to mention losing something we spend thousands of pounds on.
“Making sure the app developer makes it difficult to reverse engineer the app itself will stop the app hijackers from finding out key personal info, and thus injecting their own code to do exactly as they need, should be in its basic makeup.
“With most aspects of security it’s all about layered defences: checking to see if the device is rooted, and if so clearly warning the owner of the dangers if their device is compromised could help by compromising the app itself.
“Injecting code to do your own bidding is one way of protecting against that type of attack.
“Another way would be to check its own integrity for unauthorised changes, if modified in any way then it would render itself useless, although frustrating it’s a lot better than trying to locate a stolen vehicle.
“Of course currently we are talking about proof of concept and what might happen, but as more and more cars become controllable via apps then this is a very real threat that should be addressed at this early stage, with the early adopters and not waiting until its standard across all platforms.”
Does your car have an associated app or ‘smart’ features? Let us know on Twitter @ESETUK
Join the ESET UK LinkedIn Group and stay up to date with the blog. If you’re interested in seeing where ESET has been featured in the news then check out our ‘In the news’ section.