Home / / Flaws in BMW systems allow hackers to take control

Flaws in BMW systems allow hackers to take control

Security researchers find flaws in onboard systems that could enable car hacks

Flaws in BMW systems allow hackers to take control
BMW has invested in connected car systems, but security researchers have found a number of flaws, some of which can be exploited remotely.

Flaws in BMW onboard computer systems could allow attackers to remotely take partial control of vehicles, the BBC reports.

An investigation by Keen Lab, a division of Tencent, found 14 separate vulnerabilities in different in-car systems which could theoretically allow a hacker to gain some control over the car from hundreds of metres away, even while the car is driving.

Security researchers found that systems could be compromised through contactless means such as Bluetooth and 3G and 4G data links, or through USB drives.

Researchers identified three main systems which were vulnerable to attack, including the in-car infotainment systems, including sat-nav guidance, radio-station playback, car diagnostic information, and voice-recognition services; the telematics control unit which provides location tracking, and the central gateway which links various electronic control units (ECUs) and other connected systems in the car.

BMW said it is working on fixes for the problems, and that users should be aware that updates will be made available soon.

Follow us to get the most comprehensive IT Security news delivered fresh from our social media accounts on Facebook, Twitter, Youtube, and listen to our Weekly Podcast. Click here to sign up for our weekly newsletter on curated technology news in the Middle East and Worldwide.

REGISTER NOW | Webinar Event | Security you can bank on – Safeguarding the Middle East’s financial sector

Presented in partnership with security and network specialist Cybereason, the second in the three part webinar series will bring together a panel of experts to discuss how banks and financial institutions are evolving their service offering while simultaneously staying one step ahead of the cyber criminals who seek to bring their operations crashing to the ground.