A British tech security company has decided to try to hack a Mitsubishi Outlander and it has managed to do it quite easily.
The UK-based Pen Test Partners company proved once again that auto cybersecurity is a real concern by accessing through Wi-Fi the system computer on a Mitsubishi Outlander plug-in hybrid electric. Once inside, the firm’s tech guys could easily mess around with the charging programme or playing with the air conditioning and heating, thus draining the battery. But worse than that, they managed to disable the alarm system and “once unlocked, there is potential for many more attacks,” they reported. “The on-board diagnostics port is accessible once the door is unlocked.” The company also said that it tried to privately discuss the issue with Mitsubishi, but the attempt was greeted with disinterest. Therefore, Pen Test Partners contacted BBC to disclose the vulnerability and Mitsubishi has suddenly become very responsive, while the automaker also started to work on a fix.
Such news comes nearly a year after Fiat Chrysler was forced to recall 1.4 million US vehicles to install new software, following a magazine report that raised concerns about hacking, marking the first safety cybersecurity action for the automotive industry. In February, a cyber-security specialist found out that the smartphone app specially made to remotely control some of Leaf’s functions could be hacked into, prompting Nissan to temporally disable it. Earlier this year, in a joint issued bulletin, the FBI and US National Highway Traffic Safety Administration said owners and carmakers should be much more aware of cybersecurity risks triggered by the rising of connectivity techs.