Ford and VW cars open to hackers, research claims

Cybersecurity researchers are claiming some current connected Ford and Volkswagen vehicles are easy targets for malicious hackers.

The report researched by cyber consultancy Context Information Security and published by consumer magazine Which?, claims to have identified serious security, data privacy and safety concerns in the leading car brands. Investigators looked at the Ford Focus Titanium Automatic 1.0-liter and a Volkswagen Polo SEL TSI Manual 1.0-liter which are both packed with some of the latest consumer car technology.

While admitting the cars proved more difficult to hack into than many other connected products, researchers says they managed to find weaknesses in the cars’ security designs and were even able to identify what is suspected to be a Wi-Fi password from Ford’s manufacturing plant.

They focused on infotainment systems, mobile applications, radio frequency systems – such as keys fobs for entry and ignition, and tire pressure monitoring systems – as well as the Controller Area Network (CAN) used for communications between different vehicle components.

Key findings claimed by researchers include discovering that firmware on each of the two cars’ infotainment systems suffered from common issues such as outdated third-party software libraries and unsafe native code functions. Despite both systems employing the use of electronic signatures to prevent unauthorized adding of custom code, researchers claim it was possible to work around these on the VW system. The firmware for the Ford’s infotainment system, meanwhile, revealed full details of Wi-Fi network credentials that appears to be used at a number of its assembly plants.

To read the complete article, visit TU-Automotive.