May 23, 2018

Security vulnerabilities on some BMWs could allow remote access

Photo: Alexander Pohl/NurPhoto via Getty Images

There are 14 vulnerabilities in BMW’s vehicles that allow remote hacks that could affect drivers’ control of the vehicles, Tencent’s Keen Security Lab has found. The vulnerabilities were found in the location tracking systems; infotainment systems, including voice recognition services; and, in some cases, malicious hacks could be launched using "serious vulnerabilities" in the USB interfaces.

The big picture: BMW won't be the last auto company to have security gaps unearthed. As connected cars become more and more ubiquitous, we will see more researchers focusing on potential flaws in security design in automobiles.

About the potential attacks:

  • While nine required physical access to the car, five could be launched remotely via Bluetooth or a cellular network.
  • The vulnerabilities affect some i, X, 3, 5 and 7 Series designs, per the lab.

BMW’s response: BMW has verified the flaws and even given Tencent an award. The automaker has launched some over-the-air updates — and software updates will be available at dealerships.

  • What's next: BMW notes in its release on the award that there is room for future collaboration with Tencent on research.

Go deeper

JPMorgan Chase to pull support for some fossil fuels

Illustration: Sarah Grillo/Axios

JPMorgan Chase said Monday that it won’t directly finance new oil and gas development in the Arctic and will significantly curtail its financing of the extraction and burning of coal.

Why it matters: JPMorgan is the world’s largest funder of fossil-fuel companies, according to a report by the Rainforest Action Network (RAN). The announcement follows similar moves by other big banks and investment firms, including Goldman Sachs and BlackRock.

WHO won't call coronavirus a pandemic as cases spread

Data: The Center for Systems Science and Engineering at Johns Hopkins, the CDC, and China's Health Ministry. Note: China numbers are for the mainland only and U.S. numbers include repatriated citizens.

The World Health Organization will not yet call the coronavirus a pandemic, claiming that needs across affected countries are too varied and the classification would increase fear, per a briefing Monday.

The big picture: As South Korea and Italy stepped up emergency measures in efforts to thwart the spread of the virus, WHO expressed concern about infections with no clear link to China. COVID-19 has killed at least 2,620 people and infected almost 80,000 others, with all but 27 deaths occurring in mainland China.

Go deeperArrowUpdated 1 hour ago - Health