Five steps motorists should take to keep their connected cars safe

1. Add a password for your Wi-Fi – and one that hasn’t been hacked before

If your car has its own WiFi connection, create your own password as soon as possible; previous hacks, including the case of the Jeep Cherokee, was made possible by the weak default WiFi password supplied by the manufacturer.

There was also a more recent case of a criminal – named L&M – who was able to monitor the locations and switch off the engines of thousands of vehicles in South Africa, Morocco, India and the Philippines.

These vehicles were all fitted with tracking devices that had a pre-set password of ‘123456’, which many users had failed to change. 

Using reused or easy to guess passwords makes a cyber criminal’s job far easier. But there are ways to find out if a password is more or less likely to be guessed by criminals. 

For example, pwndpasswords has a database of over 500 million passwords that have been previously exposed in data breaches. It’s safe to say that these passwords are being reused by attackers.

It’s good practice to create unique passwords which have a mix of random numbers and letters, include capitals and symbols, and don’t relate to you personally. 

There are also random password generators online if you’re struggling for inspiration.   

Pwned is one of the website that allows you to check if a password you use has been breached previously

2. Use a garage and mechanic you trust 

Always use a trusted and qualified mechanic for your MOT, service and repairs. 

As part of routine checks, mechanics will plug a device into the On-Board Diagnostic (ODB) port to check for any fault or diagnostic codes which need to be resolved.

However, this access could be used for malicious reasons, such as programming your electronic brake sensor to trigger early, lowering the life of your brake pads and meaning more trips (and bills) at the garage. 

If you’re unsure, look-up a garage in your area which is part of the Good Garage Scheme – a signal they perform services to a strict Code of Conduct.

3. Utilise the vehicle maker’s security software updates as quickly as possible  

Watch out for software updates – also known as ‘patches’ – from your vehicle’s manufacturer, which could include enhanced security features to protect you from newly identified threats. 

Make sure you’re subscribed to manufacturer alerts and act quickly if you get notified of an update – all you normally need to do is enter your Vehicle Identification Number (VIN), a 17-digit number stamped into the car’s chassis.

4. Recognise that phone apps could be a threat

Keeping your phone applications – especially those linked to your motor, like Apple CarPlay and Android Auto –  up to date is also key.

Any app that control functions in your car should have the most up-to-date security release.

A recent study in June found that 76 per cent of mobile applications have security flaws, so choose the ones you download wisely.

If you’re really concerned, consider opting out from these apps completely.

Some experts have warned that hackers can steal your car via a smart kettle

Some experts have warned that hackers can steal your car via a smart kettle

5. Disconnect your car from your home hub 

Having your car connected to your smart home hub can have its perks. For instance, driving home on a winter’s evening and being able to turn the heating on in your property from the driver’s seat so it’s nice and toasty when you walk through the front door.

However, experts have warned that some devices linked to home hubs – especially small devices in the house – have basic security systems that hackers can infiltrate and use to access other products, like your car, that are connected to the same hub device. 

In an interview with This is Money, cyber-hack guru Tony Dyhouse, director of Trustworthy Software Initiative, warned: ‘If there is a path from the car to a smart hub linked to a variety of devices, there is also a path in the opposite direction.

‘That means there’s opportunity to hack any device within the entire network by using the signal as a portal.

‘The more devices you add results in an exponential increase in risk. Ultimately, someone online could unlock your car doors and start the engine by hacking into your smart kettle.’