BMW’s Latest Security Patch Locks Doors to Remote Hackers
Connected technology has come a long way in the last few years, yet it still has a long way to go. This became evident when BMW technology was shown to be flawed in that it could be hacked pretty easily to allow intruders access to connected BMW vehicles.
The hole in question was in the ConnectedDrive software. The system allows drivers to unlock vehicles remotely using a mobile phone, and a simple hack could allow intruders to open vehicles using their own mobile phones. Once inside, hackers could potentially use similar means to tap into other functions like engine start-up and steering–all in a couple minutes.
After being notified of the risk by German motorist association ADAC, BMW issued a security patch over the air which moved communication between owner and vehicle to an encrypted traffic method. The automatic update went to models made between 2010 and this past December.
Related: BMW’s stance on connected car data
“BMW runs a process of continuous improvement with its products and it is through this testing that an issue was detected on the Connected Drive system subsequently highlighted by the ADAC,” a BMW representative told Forbes. “Like all electronic and cyber attacks on a vehicle, whatever form they may take, BMW continuously assesses its level of car security and enhances the level of defence where possible.”
As weaknesses in connected vehicle systems are still being identified, it’s good to know that BMW is committed to its customers’ security and privacy–a follow-up to when the automaker announced recently that it wouldn’t sell customers’ data.
Related: Mind-blowing i9 rendering
News Source: Forbes