Ever since BMW’s iDrive system debuted in 2001, using Microsoft Windows Automotive software as its base, pessimists have been predicting the appearance of viruses in cars.
Earlier this week CNN carried a Reuters report on the topic, suggesting that the proliferation of Bluetooth mobile-phone interfaces in cars will hasten the dreaded day when the first automotive worm strikes. The story quotes research chief Yevgeni Kaspersky of respected Russian antivirus specialist Kaspersky Lab:
Sooner or later the hackers will find the vulnerability in the operating systems of on-board computers and ... will definitely use it.
From this dire warning, the report then goes on to be a little over-optimistic in its assessment of the worst-case scenario, suggesting that future drivers might face “an annoying trip to the repair shop or having to reboot the system”.
Things could get a lot worse than that.
Consider that the latest BMW M5 has selectable software control over stability systems, engine power output, suspension set-up and steering assistance.
What if a virus got into the system and didn’t do anything obvious - just lurked there, unnoticed, waiting for a moment of emergency, when the stability system kicks in to correct an over-keen, high-speed manoeuvre. What if the virus then switched off the stability control, increased the engine output, softened the dampers and then started fooling around with the power steering? Occupants of the car could easily end up dead.
That may sound far-fetched, but today many hackers are professional criminals, into blackmail for financial gain not idle vandalism. The author of such a virus would be targeting the car’s manufacturer, not the hapless driver. But that would be small comfort to those on the receiving end.