Did you know that cars now have computers, and computers can be hacked?

Amazingly this risk is brand new according to the geniuses at the Federal Bureau of Investigation (FBI) who issued a warning on the matter late last week.

The memo states that “modern motor vehicles often include new connected vehicle technologies that aim to provide benefits such as added safety features, improved fuel economy, and greater overall convenience….However, with this increased connectivity, it is important that consumers and manufacturers maintain awareness of potential cyber security threats.”

“Vehicle hacking occurs when someone with a computer seeks to gain unauthorized access to vehicle systems for the purposes of retrieving driver data or manipulating vehicle functionality… it is important that consumers take appropriate steps to minimize risk.”

The justification for the memo is described as being one of warning the general public and manufacturers to maintain  “awareness of potential issues and cybersecurity threats related to connected vehicle technologies in modern vehicles.”

Asleep at the wheel

It’s often argued that it is better to do something late than never, but this is a case of the FBI being asleep at the wheel up to this point: you don’t be to be a Rhodes Scholar to realize that cars are susceptible to hacking because they are run by computers.

To its credit (be it still late) the Bureau does acknowledge the widely reported case of a Jeep Cherokee being hacked in 2015 and discusses the implications in that case, where researchers took control of a car by exploiting its radio and WiFi capabilities to stop the car while it was being driven down a highway; that case resulted in Chrysler recalling 1.4 million vehicles and mailing USB drives with software updates to affected drivers.

Consumers are advised to make sure there car’s operating system is up to date, that caution should be used when attaching third-party devices to a vehicle as they can introduce new vunerabilities, and finally you shouldn’t hack your own car:

Making unauthorized modifications to vehicle software may not only impact the normal operation of your vehicle, but it may introduce new vulnerabilities that could be exploited by an attacker. Such modifications may also impact the way in which authorized software updates can be installed on the vehicle.

In addition, the Bureau advises that the auto industry has established an Information Sharing and Analysis Center (ISAC) as a central hub for gathering intelligence to help the industry analyze, share, and track cyber threats.

Image credit: aaronjacobs/Flickr/CC by 2.0