BMW Security Flaw Allowed Remote Unlocking

BMW ConnectedDrive Unsecure

A German motoring organisation ADAC has found certain security flaws in BMW's ConnectedDrive technology that can allow unauthorised users to remotely unlock the vehicles. This is a scary situation as the intruder does not need to break window panes to get access to the car and can simply walk in and drive away. The issue affected about 2.2 million Rolls Royce, Mini and BMW models that come equipped with ConnectedDrive – a technology that allows car owners to access internet, navigation and other services via a SIM card installed directly into vehicles.

BMW acted swiftly when informed by ADAC about this vulnerability and has been able to successfully plug the weakness in their system. The patch was applied automatically starting 31st January, encrypting the car’s data with HTTPS – a common internet security measure used in everything from banks to e-commerce platforms. Vehicle software can be updated in two ways. First is the automatic method in which when the vehicle connects to the BMW Group server the ConnectedDrive software will be updated. For some reason if the car had been offline or out of battery then the user need to call up the service configuration manually. If you are worried that your vehicle may not have received the update then you should choose “Update Services” from your car’s menu.

Read more on: BMW
Source