‘Serious’ security flaws found in Ford and Volkswagen cars

Richard Aucock
Ford Focus

Security flaws have been uncovered in two best-selling cars that could allow computer hackers to gain access and put safety and privacy at risk.

Consumer group Which? partnered with experts to study the connected tech features of two models, the Ford Focus and Volkswagen Polo.

ALSO READ: Keyless car theft – how to prevent it and stay safe

The research concluded that manufacturers are being ‘careless with security’ because there is no meaningful industry-wide regulation for in-car technology.

Volkswagen Polo

Cyber security experts found they could intercept the tyre pressure monitoring system on the Ford. Hackers could tell the system to show that flat tyres were fully inflated – a potentially dangerous safety concern.

ALSO READ: Stolen in seconds: keyless new cars that fail security tests

Analysing the code also uncovered wi-fi details and the password of a computer system at Ford’s factory in Detroit, Michigan. (The Focus is built in Europe.)

Which? also noted the amount of personal information the car was storing, including location and travel direction, speed, acceleration, braking and steering.

‘Simply lift the VW badge’

Volkswagen Polo

On the Volkswagen, the security experts gained access to the infotainment system, through the ‘disable traction control’ function.

They noted it contains a huge amount of personal information, including phone contacts and location history.

Furthermore, the tech experts found they could access the car’s front radar module – simply by lifting the VW badge on the front grille.

This would allow hackers ‘to tamper with the collision warning system’.

Volkswagen Polo interior

Which? magazine editor Lisa Barber said: “Most cars now contain powerful computer systems, yet a glaring lack of regulation of these systems means they could be left wide open to attack by hackers – putting drivers’ safety and personal data at risk.

“The government should be working to ensure that appropriate security is built into the design of cars and put an end to a deeply flawed system of manufacturers marking their own homework on tech security.”

A regulation for on-board car computer systems is planned for 2021, adds Which? – but this is only voluntary.

The consumer group adds that while Volkswagen is engaging positively with it, Ford declined to receive the Which? technical report. 

The post ‘Serious’ security flaws found in Ford and Volkswagen cars appeared first on Motoring Research.