BMW cars found to contain more than a dozen flaws

Keen Lab BMW imageKeen Lab
The hack attack tests were all carried out in controlled environments

BMW's car computer systems have been found to contain 14 separate flaws, according to a study by a Chinese cyber-security lab.

They could, in theory, let hackers take at least partial control of affected vehicles while in use.

The researchers identified ways to compromise the cars by plugging in infected USB sticks, as well via contactless means including Bluetooth and the vehicles' own 3G/4G data links.

BMW is working on fixes.

Its customers have been advised to keep an eye out for software updates and other counter-measures from the German company over the coming months.

Remote attack

Keen Lab - a division of the Chinese technology giant Tencent - began its investigation in January 2017 and shared its findings with BMW just over a year later.

It said the vulnerabilities were found mostly within three different parts of the cars' electronics:

  • the internet-connected infotainment systems - which provide sat-nav guidance, radio-station playback, car diagnostic information, and in some cases voice-recognition services
  • the telematics control unit - the electronics and software that allow a vehicle's location to be tracked
  • the central gateway module - the information bridge that controls the flow of data between the vehicle's various electrical components

The researchers are holding back their full findings until 2019, to give BMW more time to tackle the problems.

Keen Lab GraphicKeen Lab
Keen Lab says that it was able to simulate remote attacks on BMW cars

But they described one scenario in which a rogue mobile data transmitter could be used to exploit vulnerabilities in the infotainment and telematics parts.

"Technically speaking, it's possible to launch the attack from hundreds of metres, even when the car is in the driving mode," they wrote, adding that attackers could then create "backdoors" to inject diagnostic messages that could in turn affect the driver's control.

Several models of BMW cars are said to be affected, including at least some of its i, X, 3, 5 and 7 Series designs.

BMW has verified all the reported vulnerabilities, and awarded Keen Lab with an "IT research" prize earlier this week for its work.

"We have been working closely with Tencent for months to understand and address any cyber-security issues," said a spokesman for the car manufacturer.

"It has been a collaborative relationship and an important one as this kind of security has now become such an important topic for manufacturers."

Keen Lab Keen Lab photoKeen Lab
Keen Lab says it tested four different types of BMW car during its tests

One independent expert said this approach was to be welcomed.

"Modern cars have an extraordinary amount of software running essential systems as well as infotainment systems," said Prof Alan Woodward, from the University of Surrey.

"It's not surprising that researchers are paying particular attention to such systems, nor that they find flaws.

"BMW is not the first nor will it be the last manufacturer to have such flaws in their cars."