‘Serious’ security flaws found in Ford and Volkswagen cars

Security experts have discovered flaws in two popular cars that could allow hackers to put driver safety at risk.

Ford Focus

Security flaws have been uncovered in two best-selling cars that could allow computer hackers to gain access and put safety and privacy at risk.

Consumer group Which? partnered with experts to study the connected tech features of two models, the Ford Focus and Volkswagen Polo.

ALSO READ: Keyless car theft – how to prevent it and stay safe

The research concluded that manufacturers are being ‘careless with security’ because there is no meaningful industry-wide regulation for in-car technology.

Volkswagen Polo

Cyber security experts found they could intercept the tyre pressure monitoring system on the Ford. Hackers could tell the system to show that flat tyres were fully inflated – a potentially dangerous safety concern.

ALSO READ: Stolen in seconds: keyless new cars that fail security tests

Analysing the code also uncovered wi-fi details and the password of a computer system at Ford’s factory in Detroit, Michigan. (The Focus is built in Europe.)

Which? also noted the amount of personal information the car was storing, including location and travel direction, speed, acceleration, braking and steering.

‘Simply lift the VW badge’

Volkswagen Polo

On the Volkswagen, the security experts gained access to the infotainment system, through the ‘disable traction control’ function.

They noted it contains a huge amount of personal information, including phone contacts and location history.

Furthermore, the tech experts found they could access the car’s front radar module – simply by lifting the VW badge on the front grille.

This would allow hackers ‘to tamper with the collision warning system’.

Volkswagen Polo interior

Which? magazine editor Lisa Barber said: “Most cars now contain powerful computer systems, yet a glaring lack of regulation of these systems means they could be left wide open to attack by hackers – putting drivers’ safety and personal data at risk.

“The government should be working to ensure that appropriate security is built into the design of cars and put an end to a deeply flawed system of manufacturers marking their own homework on tech security.”

A regulation for on-board car computer systems is planned for 2021, adds Which? – but this is only voluntary.

The consumer group adds that while Volkswagen is engaging positively with it, Ford declined to receive the Which? technical report. 

Related Articles

Richard Aucockhttps://www.motoringresearch.com/
Richard is director at Motoring Research. He has been with us since 2001, and has been a motoring journalist even longer. He won the IMCO Motoring Writer of the Future Award in 1996 and the acclaimed Sir William Lyons Award in 1998. Both awards are run by the Guild of Motoring Writers and Richard is currently chairman of the world's largest organisation for automotive media professionals. Richard is also a juror for World Car Awards and the UK juror for the AUTOBEST awards.


Please enter your comment!
Please enter your name here


How to move over safely for emergency vehicles

Driving with blue lights gives the emergency services exemption from certain parts of the Highway Code. We explain the rules.

Petrol station drive-offs: what does the law say?

Although Making Off Without Payment is an offence under the Theft Act 1978, the police may not investigate a petrol station drive-off.

Peugeot launches PCP car finance with insurance and servicing included

Peugeot's new PCP Plus finance scheme is a four-year Personal Contract Purchase plan that includes two years of servicing and insurance.

McLaren’s new hybrid supercar to be called Artura

The McLaren Artura is powered by a twin-turbocharged V6 with hybrid tech and could hit 250mph. It goes on sale in 2021. Excited? We are.

Find a Car Review