BMW Fixes Software Flaw That Would’ve Let Hackers Unlock Doors
Photo: BMW

Cybersecurity experts have been sounding the alarm about cars’ vulnerability to hacking for years. But it seems that every few months, they are able to provide new anecdotal evidence suggesting that the automotive industry’s efforts at securing data transmissions to and from vehicles has produced lackluster results.

The latest report came from German motorist association ADAC. The group’s researchers told BMW about a flaw in its ConnectedDrive software that would have allowed hackers to remotely unlock the car doors. (ConnectedDrive lets drivers control certain vehicle functions —say, locking doors, and warming the cabin on a cold February day—from their smartphones; it also offers a suite of services and apps including real-time traffic information and restaurant reservations.) 

According to Reuters, ADAC researchers were able to simulate the existence of a fake phone network. The BMW cars then attempted to access it, allowing hackers to alter functions activated by the car’s SIM card.

BMW issued a release late last week saying that it had fixed the security hole and noting that roughly 2.2 million Rolls-Royce, Mini, and BMW vehicles had been vulnerable. 

BMW says it eliminated the security flaw by simply adding encryption. What? That was it? BMW never bothered to lock that particular door (pun intended)? 

For its part, the car company said that even if the flaw had been exploited, a hacker would not have been able to hijack control over steering, acceleration, or braking. What it didn’t address was what other sorts of hijinks a cybercrook could get up to once he or she got in the door.

The Conversation (0)

How Software Is Eating the Car

The trend toward self-driving and electric vehicles will add hundreds of millions of lines of code to cars. Can the auto industry cope?

14 min read
ZF Friedrichshafen AG

Predictions of lost global vehicle production caused by the ongoing semiconductor shortage continue to rise. In January, analysts forecast that 1.5 million fewer vehicles would be produced as a result of the shortage; by April that number had steadily climbed to more than 2.7 million units, and by May, to more than 4.1 million units.

The semiconductor shortage has underscored not only the fragility of the automotive supply chain, but placed an intense spotlight on the auto industry’s reliance on the dozens of concealed computers embedded throughout vehicles today.

Keep Reading ↓ Show less