People are using smart phones to connect and control virtually every aspect of their lives – including their cars. Automotive apps offer several convenient features like auto-start, lock, unlock and locate. But, while using your phone like a remote control for your car might make life a lot easier at times, it can also increase the possibility of a cyberattack.
According to WIRED, Kaspersky Labs recently examined the coding within nine connected-car Android apps and uncovered some shocking results. The majority of these apps lacked even the most basic software security. Although hacking takes place in cyber space, these apps’ lack of defenses open their users up to some frightening real-world implications:
Kaspersky reported that “by either rooting the target phone or tricking a user into installing malicious code hackers could use any of the apps Kaspersky tested to locate a car, unlock it, and in some cases start its ignition.” The researchers recommended that auto app makers encrypt or hash user credentials, and add two-factor authentication or biometric authentication to defend users against cyber-carjackers.
Read the full article about Kaspersky’s findings on WIRED, as well as some general security best practices from WatchGuard CTO, Corey Nachreiner, here.