Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
You are here: Home / Automotive Tech / OnStar Latest Car Hacking Victim
GM's OnStar Latest Car Hacking Victim
GM's OnStar Latest Car Hacking Victim
By Jennifer LeClaire / CRM Daily Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
Talk about the Chrysler hack has yet to die down and another automotive breach is already making headlines. Security researcher Samy Kamkar has hacked General Motors’ (GM) OnStar in-vehicle system.

Kamkar posted a YouTube video revealing what he calls “OwnStar,” a device that intercepts GM’s OnStar Remote Link mobile app. He claims OwnStar can locate, unlock and even remotely start cars that come equipped with the system.

“GM told Wired that OnStar bug was fixed, however it's not actually resolved yet. I spoke with GM & they're working on it now,” Kamkar said today via his Twitter account. GM could not immediately be reached for comment and has not released a public statement as of this afternoon.

Car Hacking Trends

Earlier this month, a security flaw was discovered in the Jeep’s Cherokee’s Connect vehicle-connectivity system. Two white hat hackers -- Charlie Miller and Chris Valise -- tapped into the flaw while a reporter drove the vehicle down the highway.

The hackers successfully -- and remotely -- turned up the radio as loud as it would go and turned on the windshield wipers. If that seems fairly benign, wait until you hear this: They also cut off the transmission and disconnected the brakes. The Jeep ended up in a ditch.

It took a year for Miller and Valise to figure out a way to exploit the vulnerability. The duo will share how they did it at the Black Hat security conference in Las Vegas in August, but the short story is the flaw allowed them to inject malware into the system for remote control.

Fiat Chrysler issued a software patch, followed by a voluntary safety recall to update software in about 1.4 million U.S. vehicles. On top of the recall, Fiat Chrysler has also applied network-level security measures to prevent this type of remote manipulation in the future.

Bricking Cars

Ken Westin, senior security analyst for advanced threat protection firm Tripwire, told us over the years the goal of Relevant Products/Services manufacturers has been to build safe and reliable vehicles. To be competitive, every automaker understands its brand has to be known for safety and reliability.

“With increasingly connected and high-tech components being added to these vehicles, they will need to add security to the mix in order to retain their brand integrity,” Westin said. “You can develop the most advanced vehicle that has all of the latest safety features and high-tech gadgets in it, but if it can be bricked by remote exploits, you are going to have wary consumers who may choose the next brand of vehicle because they put more emphasis on security.”

The automotive industry is aware of the importance of security, which is why car makers are not only working with researchers, but also with each other to help develop standards and best practices for more secure vehicles, Westin said.

Image credit: General Motors.

Tell Us What You Think


Like Us on FacebookFollow Us on Twitter
© Copyright 2018 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.