While connectivity has introduced numerous features to today’s vehicles, it has also brought the concept of “car hacking” into everyday conversation. Like any software, the applications that connect to a vehicle’s internal systems are not always completely secure.
Cybersecurity experts have identified a vulnerability in the Hyundai Blue Link mobile app that could potentially allow criminals to access vehicles, as reported by Reuters. According to Tod Beardsley, research director at Rapid7 Inc.—the company that uncovered the flaw—this security issue existed for three months before Hyundai implemented a fix in March.
Both Beardsley and Hyundai informed Reuters that there had been no incidents of car theft linked to the software vulnerability prior to the fix being released last month. The Blue Link app enables car owners to remotely lock and unlock doors, as well as start their engines, but this vulnerability could have allowed unauthorized users to manipulate these functions.
The flaw reportedly appeared following an update launched on December 8. To exploit the weakness, a hacker would need to be in close proximity to the targeted vehicle while the owner accessed the app via an unsecured WiFi connection, explained Beardsley. Although the vulnerability might have allowed thieves to start vehicles, it is unlikely they could drive them far without the physical key fob.
Awareness of car hacking is growing, even becoming a central theme in films like The Fate of the Furious, where a swarm of “zombie cars” is remotely controlled. While the Hyundai app issue would not have enabled criminals to commandeer moving vehicles, it highlights the increasing susceptibility of modern cars to unauthorized access.
Previously, a vehicle’s main protection against hacking was its isolation from any network. However, the introduction of telematics, connected applications, and onboard WiFi has changed this. Vehicles now confront security challenges akin to those faced by computers and smartphones, making robust software an essential line of defense.
.
