CyLab researchers discover novel class of vehicle cyberattacks

Vehicles are becoming more and more connected to the Internet, and malicious hackers are licking their lips.

A team led by Carnegie Mellon University CyLab researchers have discovered a new class of cybersecurity vulnerabilities in modern day vehicles. If exploited, an attacker could sneak past a vehicle’s intrusion detection system (IDS) and shut down various components, including the engine, by executing some crafty computer code from a remote location. No hardware manipulations nor physical access to the vehicle are necessary.

The new class of vulnerabilities was disclosed in a new study presented at last month’s IEEE Symposium on Security & Privacy, held virtually…

The team confirmed the feasibility of the vulnerabilities by launching proof-of-concept attacks on them in two vehicles: a 2009 Toyota Prius and a 2017 Ford Focus. The researchers posit that many modern cars are likely vulnerable to these kinds of attacks, but an attacker would have to compromise the vehicle’s network first before launching these types of attacks.