‘Serious’ security flaws found in Ford and Volkswagen cars

Security experts have discovered flaws in two popular cars that could allow hackers to put driver safety at risk.

Ford Focus

Security flaws have been uncovered in two best-selling cars that could allow computer hackers to gain access and put safety and privacy at risk.

Consumer group Which? partnered with experts to study the connected tech features of two models, the Ford Focus and Volkswagen Polo.

ALSO READ: Keyless car theft – how to prevent it and stay safe

The research concluded that manufacturers are being ‘careless with security’ because there is no meaningful industry-wide regulation for in-car technology.

Volkswagen Polo

Cyber security experts found they could intercept the tyre pressure monitoring system on the Ford. Hackers could tell the system to show that flat tyres were fully inflated – a potentially dangerous safety concern.

ALSO READ: Stolen in seconds: keyless new cars that fail security tests

Analysing the code also uncovered wi-fi details and the password of a computer system at Ford’s factory in Detroit, Michigan. (The Focus is built in Europe.)

Which? also noted the amount of personal information the car was storing, including location and travel direction, speed, acceleration, braking and steering.

‘Simply lift the VW badge’

Volkswagen Polo

On the Volkswagen, the security experts gained access to the infotainment system, through the ‘disable traction control’ function.

They noted it contains a huge amount of personal information, including phone contacts and location history.

Furthermore, the tech experts found they could access the car’s front radar module – simply by lifting the VW badge on the front grille.

This would allow hackers ‘to tamper with the collision warning system’.

Volkswagen Polo interior

Which? magazine editor Lisa Barber said: “Most cars now contain powerful computer systems, yet a glaring lack of regulation of these systems means they could be left wide open to attack by hackers – putting drivers’ safety and personal data at risk.

“The government should be working to ensure that appropriate security is built into the design of cars and put an end to a deeply flawed system of manufacturers marking their own homework on tech security.”

A regulation for on-board car computer systems is planned for 2021, adds Which? – but this is only voluntary.

The consumer group adds that while Volkswagen is engaging positively with it, Ford declined to receive the Which? technical report. 

Related Articles

Richard Aucock
Richard Aucockhttps://www.richardaucock.co.uk/
Richard is director at Motoring Research. He has been with us since 2001, and has been a motoring journalist even longer. He won the IMCO Motoring Writer of the Future Award in 1996 and the acclaimed Sir William Lyons Award in 1998. Both awards are run by the Guild of Motoring Writers and Richard is currently vice chair of the world's largest organisation for automotive media professionals. Richard is also a juror for World Car Awards and the UK juror for the AUTOBEST awards.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Porsche 963 RSP is a true Le Mans racer for the road

Built especially for Roger S. Penske, the one-off 963 RSP is a bespoke, road-legal version of Porsche’s Le Mans racing car.

New Aston Martin Valkyrie LM is the ultimate track day hypercar

Just 10 examples of the Aston Martin Valkyrie LM will be made, powered by the same Cosworth V12 engine as the Le Mans racer.

Honda Civic Type R bows out with £58,000 Ultimate Edition

Just 10 examples of the commemorative Honda Civic Type R Ultimate Edition will come to the UK, priced at £57,905.

UK is the worst-hit country in Europe for car clocking

Mileage tampering is said to cost British car buyers more than £1.2 billion every year, according to new research.