Car hacking: Insurers say car thieves may use laptops in crimes
For the Houston Police Department, the discovery came after watching surveillance camera footage in which a pair of thieves used a laptop computer to start a 2010 Jeep Wrangler before stealing it from the owner’s driveway. Police said the same method was used in four other thefts of late-model Wranglers and Cherokees.
One theory put forward by law enforcement and car insurers is that the thief hacks into a car’s computer, forcing it to recognize a signal sent from the thief’s own electronic key used to switch on the ignition.
“We think it is becoming the new way of stealing cars,” said National Insurance Crime Bureau Vice President Roger Morris, according to the Wall Street Journal. “The public, law enforcement and the manufacturers need to be aware.”
The NICB, an insurance industry group that tracks car theft across the US with their report “Hot Wheels,” told the Wall Street Journal they started noticing the trend when seeing police reports that tied thefts of newer-model cars to “mystery” electronic devices.
Automotive trade groups are working on best practices to share information on cyber threats and cybercrime prevention technologies.
With newer cars arriving with more computerization and advanced technology, car manufacturers also have to add security and safety features. Last year, Fiat Chrysler recalled 1.4 million vehicles after two hackers exploited a software loophole and remotely accessed a 2014 Jeep Cherokee by taking control of its engine, air conditioning, radio and windshield wipers.
The researchers were able to access the vehicle through its UConnect system by searching for devices using Sprint’s cell network, which UConnect employed to connect to the internet for entertainment and GPS.
The researcher hackers, Charlie Miller and Chris Valasek, presented their findings at the Black Hat security conference in Las Vegas in August 2015.
“If consumers don’t realize this is an issue, they should, and they should start complaining to carmakers,” Miller told Wired magazine. “This might be the kind of software bug most likely to kill someone.”