I would like to say this surprises me. But unfortunately I’ve heard rumblings for more than a year now about incidents like this.
There are various sites about hacking your onstar system so you can utilize the GPS unit. But that’s a local hack that is truly just a sophisticated modification to your own vehicle (regardless of how much GM dislikes it). However the hacking (or any abuse) of the onstar service would have far broader ramifications.
The fabled ultimate attack on theses systems is a supposed penetration into the onstar service network. Understanding that the system has the ability to track and perform fuctions in your car like stopping the engine (in the case of a stolen vehicle) or locking/unlocking doors (if the owner is locked out), imagine the widespread panic if all onstar vehicles were to have their engines disabled and all doors locked. If this happened on a massive scale all at once, you would strike terror across the country and completely tank confidence.
We know the highest government agencies are under constant attack. We know that some attacks are successful and they have a tremendous number of resources available to help prevent these attacks. We also are quite aware of attacks on private corporations every day. With GM being somewhere between these two entities (and onstar likely somewhere inbetween t00), what is the probability? We already acknowledge it’s possible.
In the case of the WebTech Plus service, they users were informed to remove the device from their vehicles until the issue was resolved with the network. I’m not proposing that you do it, but should one consider disabling their onstar unit in their vehicle? Yes I understand it’s there also for a rare safety incident, but does that imply that all those without onstar service are at a higher risk driving their vehicles? Perhaps this is a case where an once of prevention well outweighs the cure.
If you need me… I’ll be in the garage.