Cybercriminals Are Increasingly Targeting Connected Cars, Identity Theft

Written By Vindskar Insights Team

Cybercriminals are increasingly targeting connected cars to steal personal data and commit identity theft. Here are some key ways they are exploiting vehicle data:

Accessing Vehicle Systems

Hackers can potentially gain unauthorized access to a car's computer systems and networks through:

- Exploiting vulnerabilities in connected car apps and infotainment systems

- Intercepting wireless communications between the car and external networks

- Using the vehicle identification number (VIN) to trick systems into granting access

Once they breach the vehicle's systems, criminals can extract sensitive data stored there.

Types of Data Targeted

The personal information cybercriminals aim to steal from connected cars includes:

- Driver's personal details (name, address, phone number, etc.)

- Location data and travel history

- Synced contacts and call logs

- Synced social media accounts and feeds

- Stored passwords and account credentials

- Financial information linked to in-car payment systems

Methods of Exploitation

Criminals use various techniques to steal and misuse this data:

- Selling stolen car user accounts and credentials on the dark web

- Impersonating the vehicle owner to access other accounts

- Using location data to determine when a home is unoccupied for burglary

- Cloning the vehicle's identity using the VIN for fraud or theft

- Leveraging personal information for identity theft and financial fraud

Emerging Threats

As connected car technology advances, new risks are emerging:

- Exploiting AI-powered systems in vehicles for more sophisticated attacks

- Using deepfakes to bypass voice authentication in cars

- Targeting electric vehicle charging stations to spread malware

The increasing connectivity of modern vehicles is creating new opportunities for cybercriminals to access personal data and commit identity theft on a large scale. Protecting vehicle systems and data has become crucial for preventing these emerging forms of automotive cybercrime.

Citations:

[1] https://www.forbes.com/sites/thomasbrewster/2022/12/01/10000-cars-can-be-data-raided-by-police-ice-cbp-love-it/

[2] https://www.uscybersecurity.net/how-cybercriminals-use-vehicle-identification-numbers-vin-to-hack-cars/

[3] https://www.helpnetsecurity.com/2023/09/05/connected-cars-cybercrime/

[4] https://www.hubsmartcoverage.ca/blog/how-drivers-auto-data-is-within-reach-of-thieves-hackers/

[5] https://www.kasada.io/accounts-stolen-in-automotive-credential-stuffing-attack/

[6] https://www.cbsnews.com/texas/news/auto-buyer-beware-different-kind-identity-theft-impacting-north-texas/

[7] https://blog.fraudfighter.com/the-alarming-rise-of-car-theft-due-to-fraud

[8] https://www.thomsonreuters.com/en-us/posts/government/identity-theft-drivers/

Vindskar Insights Team
Previous

Texas Legislature, House Select Committee on Emerging Technology, Cyber Threats in Transportation
Next

Insurance Companies Face Significant Costs Associated with First Notice of Loss (FNOL) and Claims Processing