TomTom Pulls Windows Malware into Autos

 
 
By Matt Hines  |  Posted 2007-01-31
 
 
 

TomTom Pulls Windows Malware into Autos


The long-running joke about cars breaking down and getting infected by viruses if they ran on Microsoft software appears to have grown closer to reality, as navigation device maker TomTom has admitted the inclusion of two Windows malware variants in one of its products.

On Jan. 29, TomTom, which is based in Amsterdam, conceded that an isolated number of its Go 910 navigation systems may have been infected with Windows malware. According to the company, the viruses, identified by security researchers including F-Secure as the Perlovga.a and Small.qp threats, do not affect the navigation performance of the handhelds.

TomTom reported that the viruses, both of which are considered by researchers to be low risk in nature, found their way into the navigation systems as they were being produced during the fourth quarter of 2006. Company officials did not immediately return calls seeking further details of the incident.

Despite the fact that the Windows viruses pose no known threat to the navigation device, which actually runs on a Linux-based operating system, experts highlighted the landmark nature of the event, as people have been predicting for years that the security issues rampant on PCs would eventually find their way into cars as more and more information technology applications are integrated into vehicles.

The only real threat posed by the TomTom-borne viruses is that people connecting the devices to their PCs could be infected by the attacks. In fact, researchers at F-Secure, an anti-virus software maker based in Helsinki, Finland, said the problem was first discovered when some TomTom customers began receiving notifications from their desktop anti-virus systems when they connected the devices to their PCs. Users can link the navigation systems to desktops to save backups of their travel routes.

Security experts observed that the issue, while not a real threat to autos, is very similar to incidents experienced by Apple, Creative and fast-food giant McDonalds, each of which distributed multimedia players to customers that had malware code hidden inside them.

IBM researchers say software vulnerabilities that allow hackers to exploit popular programs will continue to rise during 2007. Click here to read more.

While such attacks have not caused problems for users, the scenario illustrates the likelihood that security problems, viruses in particular, will begin to migrate onto different machines as attackers find ways to sneak their work onboard.

The big fear with viruses finding their way into automobiles is that someone could potentially use the programs to locate vehicles, break into them, track drivers movements, or even take over navigation systems to lure someone off course and assault them or steal their car.

There is already evidence that hackers have some ability to take over some of the computerized systems offered in more advanced vehicles, with authorities in the United Kingdom contending that thieves used a laptop computer to bypass the locks and ignitions of two BMW SUVs stolen from British soccer star David Beckham in 2006.

The prevailing idea is that computer viruses could be used to do physical and financial harm to people in a manner that may be far worse than the problems caused by malware on PCs, specifically as IT is pushed into automobiles and a litany of other devices that individuals use in their daily lives.

"Its pretty interesting because weve often talked about the possibility of a car getting hit by viruses, and here its sort of happening now," said Patrik Runald, senior security specialist at F-Secure. "This is really just an embarrassment for TomTom, versus a threat, but it gives us an idea of how this sort of thing can actually happen."

Next Page: Next up: On-board entertainment systems?

Page 2


Another possible threat vector could be the on-board entertainment systems being included in many new vehicles, Runald said. Ultimately, people will have to expect that viruses are a reality with any type of computer, no matter what application it is being used for, according to the expert.

"As soon as we get a critical mass of any type of intelligent device among end users, especially those hooked up to the Web, it will become a new market for the bad guys, although PCs will likely remain the leading target for the foreseeable future," he said.

Other experts echoed those sentiments, observing that anything that can be plugged into a PC is fair game for malware writers looking for new distribution methods for their programs.

Most companies not directly affected by viruses in their products have yet to wake up to the reality of a malware evolution outside of the PC domain, said Dennis Szerszen, senior vice president at SecureWave, an endpoint security software maker based in Luxembourg.

"The PC has always represented the endpoint, so thats where the threats have centered, but nothing is sacred anymore and anything you plug into a PC is fair game for attackers," said Szerszen. "TomTom could have done a better job to ensure these werent in there, but its hard to fault them too much; Apples quality assurance is rock-solid and they got hit too.

"The fact is, it only takes one moment to get malware into something, and then these programs by their nature find ways to spread themselves," he said. "So no one should be too surprised by this, and its not really a poor refection on TomTom as much as this illustrates the ubiquity of malware code."

Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Ryan Naraines eWEEK Security Watch blog.

Rocket Fuel