The federal government is warning the public of an ongoing cyber vulnerability that could allow a nearby hacker to unlock vehicles
According to the Nigerian Communications Commission (NCC), the hackers can wirelessly start their engines and make off with cars
Beyond that the commission said owners of Honda and Acura car models are more vulnerable to this attack
A message has been sent to Nigerians by the Nigerian Communications Commission.
The Government Commission warned car owners in Nigeria to beware of new hacking methods that can remotely open car doors and start engines without a key.
Honda and Acura car model owners are said to be more vulnerable to this attack.
The findings of the Computer Security Incident Response Team, CSIRT, a cybersecurity center set up by the NCC for the telecom sector, reports Vanguard Newspaper.
Part of the report of the Centre, released to the media by the Director of Public Affairs, Dr. Ikechukwu Adinde, warned telecom consumers and members of the public, particularly car owners, about an ongoing cyber vulnerability that could allow a nearby hacker to unlock vehicles, wirelessly start their engines and get away with the cars.
< p class="align-left">He said:
“The CSIRT discovered that because car remote controls are categorized as short-range devices, the radio frequency, RF, To cars lock and unlock, there are imminent dangers in a new hacking technique that hackers are exploiting to unlock and start a compromised car”.
The CSIRT announced that that the vulnerability is a man-in-the-middle attack, or more specifically a replay attack, in which an attacker takes the keys to the car, normally removed from a, manipulates these signals and later retransmits them, to the car at will n to unlock.
Adinde quoted the CSIRT as saying:
“Several researchers have disclosed a vulnerability allegedly used by an attacker nearby to unlock some Honda and Acura car models and start their engines wirelessly. The attack consists of an attacker capturing the radio frequency (RF) signals sent to the car by your key fob and retransmitting those signals to take control of your car’s remote keyless entry system.”
“However, if If you are affected, the only remedy is to have your fob reset at the retailer. The affected automaker can provide a security mechanism that generates new codes for each authentication request, making it difficult for an attacker to play the codes afterwards.”
The commission also advised car users to keep their key fobs kept in signal-blocking “Faraday bags” when not in use.
It warned car owners, especially of Honda and Acura models, to choose Passive Keyless Entry, PKE, as opposed to Remote Keyless Entry RKE, to make it more difficult for an attacker to read the signal, since criminals would need to be in close proximity to carry out their nefarious actions.
The PKE is a vehicle security system that works automatically when the user is near the vehicle, unlocking the door when the user approaches or when the door handle is pulled, and also locking it when the User walks away or the car touches exit. The RKE system, on the other hand, is the standard solution for conveniently locking and unlocking vehicle doors and trunks using a remote control.
Data costs are rising as telecommunications companies write NCC for tariff changes
Legit.ng reported that Nigerians are likely to pay more for calls and data as telecom companies propose a new rate hike of 40 percent.
They announced this in a letter, which they sent to the Nigerian Communications Commission entitled “Impact of the Economic and Security Issues on the Telecommunications Sector”.
The letter was written by the telecommunications companies under the aegis of the Association of Licensed Telecommunication Operators of Nigeria written to the NCC.