The world’s largest premium automaker, Germany’s BMW AG, recently announced it worked around a security defect that would have resulted in malevolent people able to hack and unlock vehicles from the Mini, BMW and Rolls-Royce brands.
According to the carmaker, the flaw was found by German motorist association ADAC and after identifying the problem it was revealed that it only affected models equipped with the company’s ConnectedDrive software that also have on-board SIM cards (those chips contain the code to identify authorized users of mobile devices). The owner could use his/her smartphone to activate the door locking/unlocking mechanisms, besides a wide variety of other services, such as real-time traffic information, online entertainment and air conditioning. The automaker said the security threat was occurring only when data was wirelessly transmitted and it had no effect on crucial functions of the car, such as driving, steering or braking. Additionally, the company had no knowledge of instances when the flaw was used to compromise the security of the vehicle.
Recently, cybersecurity experts have increasingly turned their scrutiny on the auto industry, which has started growing fond of any technological advancement, though the former also warned they fail to make internal communications secure. According to the insiders, the vehicle – once hacked – would allow remote access to the onboard vehicle computer systems that control every function, from engines and brakes to air conditioning. That would bring threats from hackers that could exploit software weaknesses to command wireless networks on cars and harm drivers or the people involved in cross-traffic.