Hackers can take control of your car – How to protect yourself

Your car isn’t immune to hacking. With the proper electronics and software techniques, a determined hacker can intercept or block your key fob signal, infiltrate your car’s software, and even remotely control your vehicle.

So, is your connected car hackable? Most likely, yes. Here’s how.

Software hacks

Does your car have a smartphone app that allows you to unlock and start it remotely? Almost every car manufacturer offers this convenience in some makes and models. 

Account usernames and passwords protect these apps. If hackers can break into your account or exploit a bug in the car’s software, they can compromise your entire vehicle.

My advice: To protect your remote start app, change the default password, use strong and unique credentials and never reuse your passwords from other services. Enable two-factor authentication if you can, and keep that software current.

Telematics is the broad term describing a connected system that remotely monitors your vehicle’s behavior. This data may include your car’s location, speed, mileage, tire pressure, fuel use, braking, engine/battery status, and driver behavior.

By now, you know anything connected to the internet is vulnerable to exploitation. Hackers that intercept your connection can track and even control your vehicle remotely. Now that’s scary.

My advice: Before you get a car with built-in telematics, consult with your car dealer about the cybersecurity measures they’re employing on connected vehicles. If you have a connected car, ensure its onboard software is always up-to-date.

Here’s a throwback. Cybercriminals can also employ old-school denial-of-service attacks to overwhelm your vehicle and potentially shut down critical functions like airbags, anti-lock brakes, and door locks.

This attack is feasible since some connected cars have built-in Wi-Fi hotspot capabilities. As with regular home Wi-Fi networks, they can even steal your data if they infiltrate your car’s local network.

Also, it’s a matter of physical safety. Remember, multiple computers and Engine Control Modules run modern cars. If hackers can shut these systems down, they can put you in grave danger.

My advice: Regularly changing your car’s onboard Wi-Fi network password is a must. Turning off your car’s Bluetooth and Wi-Fi is also a good idea when not in use.

Your home’s Wi-Fi needs to stay locked down, too. Use these steps to find and remove anything that shouldn’t be on your network.

• Onboard diagnostics (OBD) hacks

Every newer car has an onboard diagnostics port. This interface allows mechanics to access your car’s data, read error codes and statistics, and even program new keys.

Anyone can buy exploit kits that can utilize this port to replicate keys and program new ones to use them for stealing vehicles. 

My advice: Always go to a reputable mechanic. A physical steering wheel lock can also give you extra peace of mind.

Another old-school internet hack reaches connected cars, specifically models with internet connectivity and built-in web browsers.

Crooks can send you emails and messages with malicious links and attachments that can install malware on your car’s system. Anything is possible once the malware is installed.

Car systems don’t have built-in malware protections, so this can be hard to spot.

My advice: Practice good computer safety practices even when connected to your car. Never open emails and messages nor follow links from unknown sources.

Security 202: How to remove malware from your phone or computer

Kim Komando

Sound like a tech pro, even if you’re not! Award-winning popular host Kim Komando is your secret weapon. Listen on 425+ radio stations or get the podcast. And join over 400,000 people who get her free 5-minute daily email newsletter.

Key fob attacks

With the proliferation of cheap electronics and relay gadgets that can be purchased easily online, key fob attacks are more common than ever.

Always-on key fobs present a serious weakness in your car’s security. If your keys are in range, anyone can open the car, and the system will think it’s you. That’s why newer car models won’t unlock until the key fob is within one foot.

However, criminals can get relatively cheap relay boxes that capture key fob signals up to 300 feet away and transmit them to your car.

One thief stands near your car with a relay box while an accomplice scans your house with another. When your key fob signal is picked up, it is transmitted to the box closer to your car, prompting it to open.

Keep reading for steps on how to protect your keyfob.

In this scenario, crooks will block your signal. Say you issue a lock command from your key fob. It won’t reach your car, and your doors will remain unlocked. The crooks can then have free access to your vehicle.

My advice: Always manually check your car doors before stepping away. You can also install a steering wheel lock to deter thieves from stealing your car, even if they get inside.

How to stop key fob attacks

There are a few easy ways to block key fob attacks. You can buy a signal-blocking pouch that can hold your keys, like a shielded RFID-blocking pouch.

• Stick it in the fridge …

Here’s a free solution: Stick your key fob into the refrigerator or freezer. The multiple layers of metal will block the signal. Just check with your manufacturer to ensure freezing your key fob won’t damage it.

• … or even inside the microwave

The microwave will also block signals. Just don’t turn it on. 

• Wrap your key fob in foil

Since your key fob’s signal is blocked by metal, you can also wrap it up in aluminum foil. While it’s the easiest solution, it can leak the signal if you don’t do it right. You could also make a foil-lined box to put your keys in if you’re in a crafting mood.