Nissan shutters Leaf electric car app after cross-continent hacking vulnerability discovered

Nissan Motor Co. disabled a mobile application for controlling its Leaf electric car following a security researcher demonstrated how hackers could access temperature controls and other functions from across continents.

Japan’s second-largest automaker made the app unavailable after Australian researcher Troy Hunt demonstrated an ability to compromise into a friend’s Leaf in the U.K. and access information about the battery status and climate controls. Hunt wrote the car’s vehicle identification number, that is visible through the car’s windshield, was the only piece of information needed to undermine the app’s insecure programming.

Related

A game of cat-and-mouse: Automakers’ scary find it difficult to prevent hackers from seizing charge of carsHow Magna’s cyber-security partnership is taking advantage of growing car-hacking fears

U.S. regulators have called for carmakers to boost safety measures after Fiat Chrysler Automobiles NV this past year recalled 1.4 million vehicles that hackers could access remotely and control the steering, brakes and engine. Mark Rosekind, administrator for that National Highway Traffic Safety Administration, in January called for specific actions the government may take within the next year to speed the adoption of technologies that would make autos less vulnerable.

Nissan apologized on its Facebook page after disabling the electric car’s app and said it’s focusing on an updated version. The only functions that could be controlled remotely through the app could be operated manually, based on an e-mailed statement.



Bloomberg News