New vulnerabilities reported to hack Ford Focus & Volkswagen Polo

While technological advances help facilitate some everyday activities, they can also be used by hackers to expose people to new variants of cyberattacks. Cloud security course specialists published research in which they claimed that some popular Ford and Volkswagen car models have severe security flaws that compromise personal information and users’ physical integrity.

The research, published on the consumer association’s portal “Which?”, mentions that vulnerabilities are found in the popular Ford Focus and Volkswagen Polo models, which have smart features (such as internet-connected media systems).

The report by cloud security course specialists ensures that these failures expose the owners of these car models to various attack scenarios, including data theft and sending false information to the vehicle management system. In addition, researchers hold manufacturers responsible for limited safety measures in the use of this technology.

These systems were analyzed by specialists from the firm Context Information Security, who determined that it is possible to hack the technology behind these systems to disable traction control of the affected cars, in addition to accessing confidential information from the owner, such as telephone number and location history.

This is not the only finding, as experts discovered that by lifting the Volkswagen badge at the front of the car it is possible to access the radar module, which would allow a threat actor to alter the car’s security systems, exposing the owner to a collision in certain scenarios.

Regarding the analysis at The Ford Focus, cloud security course experts found that using a laptop and a $25 USD device (available on Amazon), a hacker could intercept the tire pressure monitoring system, sending false notifications to the user.

Researchers claim that cars with smart features do not contain adequate protections, so they are exposed to a wide variety of cyberattacks. Despite the complexity of securing the information of an internet-connected car, this is a common practice among automakers.

While the International Institute of Cyber Security (IICS) notes that these attacks are complex and only work under certain circumstances, they also emphasize that other attack variants could appear in the future, so manufacturers should pay more attention to detect potential attack vectors before cybercriminals do so.