Research from the University of California San Diego and the University of Washington has concluded that modern cars are susceptible to wireless hacking because of a security lapse at the car electronics software design stage.
According to Mr Barmak Meftah, chief products officer at Fortify Software, a software security assurance specialist, the latest cars now coming with as many as 50 or more interconnected computer systems - controlling everything from the brakes to the door locks and ignition system - now that the vehicles are becoming wirelessly-enabled, are a lot easier to electronically hack into.
"It's interesting to see that the researchers have identified that most cars built since the late 1990s have a computer diagnostic port, since this port needs direct physical access to operate and therefore hack," said Meftah.
Meftah added: "But now these systems are being wirelessly enabled and held together with several tens of megabytes of code, it's a relatively small step to modify the code and allow hackers an easy - and wireless - back door into a car's computer system.
Meftah revealed it was no theoretical exercise as the researchers were able to load new firmware onto their own circuitboard and, by plugging the board into the car's internal network, translate the data flowing between the vehicle and a laptop.
Vigilance learnt that this reverse engineering process allowed the researchers to develop a customised vehicle network interface and effectively take control of the car's electronic nervous system.
The Fortify chief products officer further revealed that the killer hack was when the researchers were able to generate network commands wirelessly from another car.
"In theory this will eventually allows a wireless drive-by attack on the firmware of a car, to the point where it's central locking and ignition protection systems can be disabled. A professional thief can then saunter up, open the car and simply drive off," he explained.
He lamented that car manufacturers should have foreseen the development of hacking attacks on their vehicle computer systems and built security safeguards into the firmware to stop this type of electronic hacking.
"It's all very well saying that the manufacturers should enhance the security of their car computer networks and the protocols used, but this potential fiasco could have been avoided if car developers had built security in from the ground up on a vehicle's electronics systems," he however wished.
That way, he reasoned if someone were to hack into the electronics, the car's central nervous system would realise it was under attack and take appropriate action, such as immobilising the vehicle.
Mr Meftah wondered aloud:"When you consider the high standard of IT defences that a typical office server has built in, it seems strange that something like a car - which costs ten times the price of a server, and then some - does not have similar levels of protection."