[Tushar]

Hacking is usually a term associated with computers or most electronic devices. However, with cars getting increasingly dependent on electronics, it looks like convenience features are being turned into a security threat. According to a report by Bloomberg, hackers target vulnerabilities in electronic locks and immobilizers, and the crime now accounts for 42% of stolen vehicles in London. BMWs and Range Rovers are said to be particularly at risk, and police say, a technically sound criminal can gain access to a car in as quickly as 60 seconds.

A similar vulnerability was identified in keyless vehicles, which are made by several car manufacturers. The weakness in question affects the Radio-Frequency Identification (RFID) transponder chip used in immobilizers. The research team first took its findings to the manufacturer of the affected chip in February 2012 and then to Volkswagen in May 2013. Volkswagen then filed a lawsuit to block the publication of the paper stating that it would increase the risk of their cars being stolen.

After lengthy negotiations, the paper by Roel Verdult and Baris Ege from Radboud University in the Netherlands and Flavio Garcia from the University of Birmingham, U.K, will now be presented at the USENIX security conference in Washington, D.C., albeit with one sentence giving an explicit description of a component of the calculations on the chip being removed.

The authors highlight how the cryptography and authentication protocol used in the Megamos Crypto transponder can be targeted by hackers and used to steal high end vehicles. The Megamos transponder is a commonly used immobilizer transponder in VW group vehicles including those from Audi, Porsche, Bentley and Lamborghini. Certain cars made by brands such as Fiat, Honda, Volvo and Maserati use the system as well. Other products like the DST transponder and KeeLoq too, have been targeted.

In order to fix the problem, manufacturers will have to replace the RFID chip in the keys and the transponders in the cars, which will entail a significant labour cost and will be a logistical challenge.

[hybridpetrol]

While the usage of electronics for security, vehicle theft has become complex for short term thieves. However, technically capable criminals can anyway gain access. Only that the way the thefts used to take place has changed now.
Apart from vehicle theft, there are many such dangerous possibilities in the future, with cars that can be connected to internet.
One concept is, a car would use the normal internet to connect to another car, with the aim to get the real time information about the places the car is travelling. For e.g if there is a road work in progress, which is not mentioned in the Maps, a car which has already travelled that location (car coming from opposite direction) would pass such information.
The driver can go majority of the time in cruise control, and the car would adaptively change the speed according to the real time information received from internet, and the information received from sensors all around.
These are certain advanced concepts planned for high end cars, which would anyway make way to low end cars with the passage of time.
When such technologies are adapted by mass market, consider the havoc if there is a security hole targeted by a web based criminal. Such as a hacker gets in to the system, provides incorrect map data, or controls the car speed abnormally. The possibilities can range from the passengers landing into a wrong destination to severe accidents!
The other side of technological advancement! Now even the Police force have to be technically equipped accordingly to prevent such instances and nail the criminals.

[Sutripta]

Slightly more details here.
http://www.bloomberg.com/news/articl...-security-flaw
or for those who can access
https://www.usenix.org/conference/us...tation/verdult

Wonder if VW owns Megamos Crypto.

Regards
Sutripta