Security is a hot topic at automotive conferences all over the world. Self-driving cars are the primary concern – if a hacker could break into and command one of those, the results would be catastrophic.
Automakers are searching for ways to prevent the worst from happening, and many IT security companies (including some specifically targeting the auto industry) are eager to assist. That’s great, but what happens if hackers choose to target the phone connected to the vehicle instead? Could smartphone connectivity offer a backdoor entrance for cyberattacks?
“The hacking that’s been done today has been relatively low-tech – completely organized, orchestrated and almost in a laboratory setting,” said Dan Murray, VP of research at the American Transport Research Institute. “The good news is, we don’t have autonomous vehicles out there today that represent anything beyond a level 3 at the best. It’s not something we’re going to be facing tomorrow.”
Murray said that if hackers were able to breach the CIA, hacking into a car or truck is “probably not rocket science.” “It can be done, certainly,” he said. “I don’t think the hacking technology is moving substantially faster than the security development behind it.”
Vulnerabilities are everywhere
Wallace Lau, team lead for automotive and transportation at Frost & Sullivan, said there are vulnerabilities from “pretty much every single part that connects to the car.”
“Even key locks,” said Lau. “The signal can be intercepted and people can hack it and open doors. From an autonomous car or truck perspective, you could hack in and take control away from the driver, which is a very scary thought.”
In addition to malicious attacks, hackers may also be interested in driver data. Lau believes this could lead to a new type of theft.
“It could be driver records in the trucking industry, [such as] freight routes,” Lau warned. “Once you learn people’s freight routes you can probably track them in specific situations and figure out their tendencies for their loads. It’s an upcoming topic that’s evolving every single day. We’ve seen, in some instances, carmakers and truck makers are telling people to try and hack into their systems [to test their security]. Some people have gotten in pretty easily.”
Security is a must
Sandeep Kar, global head of content transformation and global VP of mobility at Frost & Sullivan, said that automakers need to add “layers and layers of redundancy” to their security solutions.
“[New car] technologies are great but they need to be secured,” said Kar. “Otherwise you will not find much progress. I believe that is where a lot of these information technology companies, while typically not part of the ecosystem, they will become more and more important. They will be the partners for OEMs in securing trucks from cyberattacks and hacking and all these things.”
If a hack were to occur, it could severely damage the automaker’s brand name.
“If it’s a drunk driving case, people blame the drunk driver or the brand of alcohol,” said Kar. “When it’s a truck driven by itself, people will blame the brand of truck. That can cause irreparable damage to their brand. It’s in the best interest of the OEMs manufacturing these vehicles to partner with companies that can secure their systems from hackers and cyberattacks and from other forms of malicious intent. In doing so obviously there’s a cost involved, and that cost will eventually be baked into the cost of the vehicle and passed on to the consumer.”
About the author:
Louis Bedigian is an experienced journalist and contributor to various automotive trade publications. He is a dynamic writer, editor and communications specialist with expertise in the areas of journalism, promotional copy, PR, research and social networking.