The Kia Hack Incident: A team of independent security researchers have discovered significant vulnerabilities in Kia’s dealer web portal. It exposes many million vehicles to potential hacking risk.
Researchers found a bug that allowed attackers to remotely control Kia cars manufactured after 2013 by using the targeted vehicle’s license plate.
Affected vehicles are equipped with remote hardware. They can be tracked, unlocked, and started in under 30 seconds. This is regardless of whether they had an active Kia Connect subscription, according to the report by these researchers.
One of the researchers Sam Curry said that the team was able to access Kia’s backend dealer API by registering for a dealer account on Kia’s kiaconnect.kdealer.com portal.
“From the victim’s side, there was no notification that their vehicle had been accessed nor their access permissions modified,” Curry explains.
The vulnerability in Kia’s system revolved around its dealer portal, which offers functionalities to manage vehicles remotely.
Cybersecurity: A Concern In Connected Cars
As vehicles are becoming more connected, the automotive industry faces new cybersecurity challenges. Connected cars are at more risk of cyber threats such as potential hacking or data theft.
The main cybersecurity risks for connected cars include remote hacking and data privacy concerns. With remote hacking, hackers can access vehicle systems remotely without permission. With this, they might control or influence critical functions, such as braking and steering.
On the data privacy side, connected cars collect a lot of data. This raises concerns about the privacy of the user’s data collected.
Modern Infotainment Systems In Vehicles Posing Cybersecurity Risks
The modern infotainment system in vehicles offers and uses various connectivity options like wifi, Bluetooth, or USB. These systems expose many interfaces that hackers may be able to exploit to access and control vehicle functions remotely.
Infotainment systems also store personal information, such as contacts and location data etc, which can pose a major cyber threat.
How Manufacturers Are Dealing With These Threats?
Automotive manufacturers are constantly adopting new measures and technologies that meet the changing cybersecurity standards to keep their vehicles safe from cyber threats. These manufacturers are also using over-the-air updates like new technologies. This enables them to update software remotely.
Current Version
Sep 30, 2024 13:05
Written By
Akshat Mittal