Several API Vulnerabilities Uncovered, Putting Millions of Vehicles at Risk
Millions of vehicles from sixteen of the industry's leading automotive manufacturers are at risk due to API vulnerabilities. These units are at risk of being hacked and tracked, and the owners' privacy is also potentially at risk due to several recently uncovered bugs.
These specific security weak points in vehicle APIs in brands ranging from Acura, BMW, Ferrari, Ford, Genesis, Honda, Hyundai, Infiniti, Jaguar, Kia, Land Rover, Mercedes-Benz, Nissan, Porsche, Rolls Royce, Toyota, along with the software from Reviver, SiriusXM, and Spireon.
In reality, all these vulnerabilities run a wide range, from giving unauthorized access to internal company systems and private user information to weak points allowing hackers to remotely send commands to the vehicle without the driver knowing.
Experts share how devastating this could be, stating that "this would've allowed us to track and shut off starters for police, ambulances, and law enforcement vehicles for several different large cities and dispatch commands to those vehicles."
As vehicles become more like computers and less like cars of the past, these issues are likely to remain but become more prevalent, making cybersecurity a high priority. Cyberattacks on cars have risen 225% over the last three years, with 84.5% of those attacks being executed remotely with a single button press.
Hungry for more? Join me each week, where I'll break down complex topics and dissect the latest news within the cybersecurity industry and blockchain ecosystem, simplifying the tech world.