Hackers can already break into your laptop or smartphone. Now, they also have the ability to target automatic car washes. If hackers choose to target a car wash, they can damage your vehicle and even trap you inside.
How Hackers Target Car Washes
According to recent research, there are vulnerabilities within the automatic systems. In particular, the PDQ LaserWash system is known for being vulnerable. Hackers can use these vulnerabilities to break into the system. Once they are inside, they can use the car wash to attack the occupant.
While the vulnerability was discovered several years ago, it took a long time for researchers to convince a car wash company to let them test the vulnerability out. The research shows that connected devices have major safety issues. Any system that is linked to the internet is potentially at risk.
The biggest problem is how automatic car washes work. This is not just a hacker breaking into a baby camera or stealing financial information. An automatic car wash has many mechanical and industrial parts. These parts can become a weapon when used by the wrong people.
The LaserWash system was designed so that owners could monitor and control it remotely. The entire system uses a Windows CE computer, which includes a version that is no longer supported by Microsoft. Because of this, security vulnerabilities can be exploited and used to take control of the machinery. Another vulnerability is found that many car washes use a very simple default password. Once hackers enter this code, they are able to log in to the system.
Hackers can monitor the system like the owner does. They can also use other exploits to work around the safety sensors. This technique would allow hackers to close the doors on the car wash while a vehicle is entering. The hackers could also shut down safety systems so that the roller arms crush the top of the vehicle.
Are You Protected?
The best way to protect yourself is by being aware of where you are. Pay attention to your surroundings and notice if there are any suspicious signs nearby. A major brand is more likely to be safer than a mom-and-pop company in the middle of nowhere.
PDQ Manufacturing has been working to fix the vulnerabilities. They have been collaborating with the Department of Homeland Security to find ways to remedy the problem. Internet-based car washes are recommended to change their default passwords. PDQ Manufacturing is also working to make sure that every system operates behind a firewall.
Another obvious option for protecting your life and your vehicle is to skip the car wash altogether. With companies like MobileWash, car owners can have their vehicles professionally washed and detailed by hand in the convenience of their driveway or parking lot. Until these vulnerabilities are fixed, it might be a good idea to avoid automatic car washes.