• Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
MUST READ

Microsoft linked attacks on SharePoint flaws to China-nexus actors

 | 

Cisco confirms active exploitation of ISE and ISE-PIC flaws

 | 

SharePoint under fire: new ToolShell attacks target enterprises

 | 

CrushFTP zero-day actively exploited at least since July 18

 | 

Hardcoded credentials found in HPE Aruba Instant On Wi-Fi devices

 | 

MuddyWater deploys new DCHSpy variants amid Iran-Israel conflict

 | 

U.S. CISA urges to immediately patch Microsoft SharePoint flaw adding it to its Known Exploited Vulnerabilities catalog

 | 

Microsoft issues emergency patches for SharePoint zero-days exploited in "ToolShell" attacks

 | 

SharePoint zero-day CVE-2025-53770 actively exploited in the wild

 | 

Singapore warns China-linked group UNC3886 targets its critical infrastructure

 | 

U.S. CISA adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 54

 | 

Security Affairs newsletter Round 533 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Radiology Associates of Richmond data breach impacts 1.4 million people

 | 

Fortinet FortiWeb flaw CVE-2025-25257 exploited hours after PoC release

 | 

Authorities released free decryptor for Phobos and 8base ransomware

 | 

Anne Arundel Dermatology data breach impacts 1.9 million people

 | 

LameHug: first AI-Powered malware linked to Russia’s APT28

 | 

5 Features Every AI-Powered SOC Platform Needs in 2025

 | 

Broadcom patches critical VMware flaws exploited at Pwn2Own Berlin 2025

 | 
  • Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
  • Home
  • Hacking
  • Security
  • Remote Car hacking is reality, do not to underestimate it

Remote Car hacking is reality, do not to underestimate it

Pierluigi Paganini June 03, 2014

A new alarm on car hacking issued by the security community, the white hat Jonathan Brossard warns cars can be hacked on the road remotely.

Car hacking is possible, I have proposed different works presented by security experts that demonstrate how to compromise modern vehicles with cheap environment. Modern cars have a huge quantity of components connected by an internal network that could be easily compromised knowing the communication protocol used by principal vendors.

“Modern cars contain upwards of 50 electronic control units (ECUs) that exchange data within an internal network. The safety of the automobiles relies on near real time communication between the different ECUs for predicting crashes, performing anti-lock braking, and much more.“

Recently Security researchers have demonstrated that car hacking is possible using wired systems or short-range wireless such as Bluetooth, but experts at Toucan Systems confirm that similar attacks can be conducted remotely from any place on the planet.

As reported by the Sydney Morning Herald, security expert Jonathan Brossard declared that he “does not know of a car that has been hacked on the road, but says his company does it for vehicle manufacturers in Europe.”

“The only way to verify that a car is not subject to cyber attack is to try to break it, fix it and try to break it again, he said.” ”The vehicle is remote from me. I am sitting at the desk and I am using the computer and driving your car from another country. I am saying it is possible.”A car is, technically speaking, very much like a cell phone and that makes it vulnerable to attack from the internet,” ”An attack is not unlikely.” he added.

The scenario is scaring, my mind immediately flies to the infinite possibilities of Intelligence agencies that could have already implanted in the control systems of million of cars any kind of device to advantage their remote control, it is already happening with routers and servers, why not for modern vehicle?

“At this year’s [Black Hat] conference in August he says attention will turn to an open back door allowing someone to take control of your computer remotely. He says it already infects 2 million computers worldwide, including Australian machines made by mainstream manufacturers.” reported the Sydney Morning Herald.

car hacking

The majority of the attacks presented by the scientific community is operated through the Controlled Area Network, Electronic Control Units exchange operation data on one or more bus based on the Controlled Area Network standard. Popular security expert Charlie Miller and Chris Valasek demonstrated last year that it is possible to gain the control of a vehicle simply by connecting laptops to the dashboard.

A recent report published by CNN Money raises again the debate on the car hacking, the media describes the 50 to 100 computers controlling steering, acceleration and brakes in the typical automobile as “really dumb”

“there’s a danger to turning your car into a smartphone on wheels”. states the CNN.

As explained by Ed Adams, a researcher at Security Innovation, a company that tests the safety of automobiles, the principal problem in car hacking is the lack of security by design, the expert confirm that of proper security mechanism in the software which equip modern vehicles.

“Auto manufacturers are not up to speed,” “They’re just behind the times. Car software is not built to the same standards as, say, a bank application. Or software coming out of Microsoft.” said Ed Adams

Computer architecture in modern cars is not different from any other computer system, it is wirelessly connected to the Internet and could be targeted by a cyber attack.

The report claims that the next generation of cars from both Audi and Tesla can be victims of car hacking, in April the researcher Nitesh Dhanjani, presented a study conducted on his own Tesla Model S Sedan, he reported a series of security issues that could be exploited to locate and unlock the vehicles.

Be aware attacks where cars are “taken over” wirelessly have not been widely demonstrated, but it is worrying the approach of principal car manufacturers that seems to be impassive to the continue warning of hacking community.

“At the moment there are people who are in the know, there are nay-sayers who don’t believe it’s important, and there are others saying it’s common knowledge but right now there’s not much data out there,” “We would love for everyone to start having a discussion about this, and for manufacturers to listen and improve the security of cars.” said the popular hacker Charlie Miller. 

As vehicles become more integrated with wireless technology, their surface of attacks will be enlarged in significant way giving to attackers much more opportunity to inject malicious code in the car components or to interfere with them.

Let’s hope car manufacturers will carefully assess their technologies, even if many of the components they integrates are designed by third-party companies.

Pierluigi Paganini

(Security Affairs –  car hacking, car safety)


facebook linkedin twitter

CAN bus Car hacking car safety Charlie Miller Chris Valasek Defcon

you might also like

Pierluigi Paganini July 23, 2025
Microsoft linked attacks on SharePoint flaws to China-nexus actors
Read more
Pierluigi Paganini July 22, 2025
Cisco confirms active exploitation of ISE and ISE-PIC flaws
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

    recent articles

    Microsoft linked attacks on SharePoint flaws to China-nexus actors

    APT / July 23, 2025

    Cisco confirms active exploitation of ISE and ISE-PIC flaws

    Hacking / July 22, 2025

    SharePoint under fire: new ToolShell attacks target enterprises

    Hacking / July 22, 2025

    CrushFTP zero-day actively exploited at least since July 18

    Hacking / July 22, 2025

    Hardcoded credentials found in HPE Aruba Instant On Wi-Fi devices

    Security / July 22, 2025

    To contact me write an email to:

    Pierluigi Paganini :
    pierluigi.paganini@securityaffairs.co

    LEARN MORE

    QUICK LINKS

    • Home
    • Cyber Crime
    • Cyber warfare
    • APT
    • Data Breach
    • Deep Web
    • Digital ID
    • Hacking
    • Hacktivism
    • Intelligence
    • Internet of Things
    • Laws and regulations
    • Malware
    • Mobile
    • Reports
    • Security
    • Social Networks
    • Terrorism
    • ICS-SCADA
    • POLICIES
    • Contact me

    Copyright@securityaffairs 2024

    We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
    Cookie SettingsAccept All
    Manage consent

    Privacy Overview

    This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities...
    Necessary
    Always Enabled
    Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
    Non-necessary
    Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
    SAVE & ACCEPT