January 16: HackersEra, a cybersecurity firm based in India, recently uncovered a major security flaw in keyless entry systems used by some car manufacturers. This hack has caused alarm among automakers, insurance companies, and government agencies in India. The hack was discovered when HackersEra's team of cyber-security experts noticed an increase in the number of car thefts that had been taking place. They then set out to investigate the source of these thefts and found that keyless entry systems were being exploited by criminals to gain access to cars without needing a physical key. The consequences of this hack are serious for everyone involved and have prompted inquiries about the security precautions that car manufacturers and other stakeholders are taking.
Advertisement
Vikash Chaudhary, the CEO of HackersEra, and researchers conducted in-depth research on the novel attack vector for passive key entry and start systems in high-end cars with the goal of informing automakers about the game-changing method to break into the vehicles null.
Vulnerabilities in keyless entry and start systems can be exploited by thieves using a digital theft technique known as a "relay attack." At first, the attacker stands close to the vehicle owner and sends the signals he picks up to his accomplice via a special device. The second attacker stands as close to the car as possible while holding the second device, which can transmit the relayed signal received from the first attacker. The vehicle responds normally to the signal, making the car's security system believe the owner is nearby and unlocking the door.
Advertisement
Vikash Chaudhary, CEO of HackersEra, said, "An intruder can steal valuables from vehicles by remotely unlocking the vehicle without touching the key or pressing it by the customer and both starting and fleeing with the cars." Also, once the door is unlocked, an attacker can plug in a wireless OBD-II dongle and later use a CAN bus vulnerability to do damage. We all know that messing around with CAN bus message injection while driving can cause a car accident, which is a very serious problem because someone's life could be in danger.
Security issues with the keyless entry system and the start ignition were brought to the attention of the government and automakers by HackersEra.The stakeholder community needs to create a system to protect cars' cyberspace. It's not always clear which insurance providers will compensate for a lost car or stolen belongings. How frequently do Indian automakers conduct penetration tests on their products, and are they required to provide buyers with updates on the status of cybersecurity reports? What measures will automakers take if an accident causes serious injury or death?
The Role of Automakers in Cybersecurity
Automobiles are becoming increasingly connected and vulnerable to cyberattacks. This necessitates that automaker, service providers, and vehicle owners take measures to safeguard the safety of their vehicles. By employing cyber security solutions for the automotive industry, automakers can ensure that their vehicles remain safe. HackersEra, which currently provides its innovative services to 15+ OEMs and 10+ vehicle manufacturers, deserves our confidence.
