According to security specialists the current best selling electric car by Nissan, the leaf car can be hacked remotely. Troy Hunt with his partner Scott Helme established that they could turn on the heated seating of the car along with the heated steering wheel, air conditioning remotely. The same was discovered by Hunt when he was attending a software workshop. This proves out to be detrimental for the users of the car.
As he was able to independently control the features, he was successfully able to connect the leaf model through the internet. The attempt was successful only on the non-moving car. However the hacker could be able to see the owner’s username which can lead to exposure of identity.
Hunt is of the opinion that even though identifiable information such as one’s address was not available, it might not take much time to bridge the gap. The hack was easy due to the poor security features of Nissan’s Connect app, which allows users to have control of their car. The car can be accessed just by knowing the car’s vehicle identification number, which is visible on the car’s window.
As the vehicle identification numbers differ only in the last five digits, the hackers can use every possible combinations giving them access to any car. Hunt had to just raise requests till he found the one that returned other vehicle’s status.
However, the Nissan’s leaf car is not the only car fallen on the list of low security standards. Previous Year WIRED US reported “summer of epic car hacks” detailing the security issues of the car such as car doors were unlocked, wiper blades being turned on and off.
Solutions to these security breaches are already being designed. A Swiss computer scientist, Boris Danev has developed a car key chip. A small silicon chip is fitted inside of the key which blocks hacking signals which are generated in the exterior of the car.
As soon as Helme disengaged his car from the app, the hack stopped. But according to Hunt, users having connected app are still at potential risk. He is of the opinion that anyone can extract the vehicle identification numbers and control the physical features of the car, which is an important issue. With the ‘Internet of Things’ becoming a prime rush for the car manufacturers, the security issues should be addressed much more aggressively by the experts.