Knect365 is part of the Knowledge and Networking Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 3099067.

Informa

Are Manufacturers Taking the Right Precautions to Safeguard Cars Against Hacking Attacks?

Technology abounds in modern society. From smartphones to tablet computers and smart TVs, we often take the devices we use every day for granted and fail to marvel at how easy they make our lives. However, the abundance of technology in everyday society has garnered a collective name of its own and is now dubbed The Internet of Things.

The Internet of Things extends to the newest cars being manufactured, vehicles that are called connected cars because of their ability to download and utilize mobile applications dongles, and other software that let today's drivers navigate, find parking spaces, save fuel, know when their car needs to be serviced, and a wide array of other driving-related tasks. The complexity of their intelligence and capabilities lies within the cars' more than 100 lines of software code, which is more than seven times the amount found in a Boeing 787 jet.

The Pitfalls of Connected Cars

However, as impressive, convenient, and powerful as they are, connected cars also pose a unique security risk to the people who own them. Just like a smartphone or computer, a connected car can become the target of a hack. If it is hacked, the vehicle then can malfunction, causing the driver to wreck or experience mechanical issues while out on the road. In fact, in 2015 Chrysler had to recall more than one million of its Jeeps after they were the target of a cyber-hack. Hackers were able to manipulate and compromise the vehicles over the Internet. While no one was hurt or killed, drivers did experience malfunctions of their cars while driving. Chrysler realizes that the hack could have led to serious loss of life or property. The company recalled the line of Jeeps to implement a patch in their virtual systems.

Cybersecurity is such a concern with today's connected cars that the FBI and Department of Transportation have issued warnings to manufacturers and owners alike about its risks. Even more, cybersecurity issues today are still relatively misunderstood. New technology and strategies for addressing cyber hacking in connected cars are still being formulated.

The Role of Car Manufacturers

While many connected car makers appear to not be taking the risks of cybersecurity seriously, the industry as a whole is seeing some improvements in making these cars more secure. A general consensus exists in the public and safety experts that car manufacturers bear the responsibility of making their connected cars as safe as they can be from hacking. Still, a recent International Data Corporation study found that many connected car makers today are overlooking key components of keeping owners' private information secure, this despite the automakers' own acknowledgment of their responsibility in making their own cars safe from hackers. Their own failure to take the appropriate measures for security essentially makes today's connected cars rolling PCs that are easy targets for skilled hackers.

In fact, the danger may not lie directly with the potential of crashing a car but rather obtaining sensitive data stored in the car manufacturer's computer systems. Hackers often make it a priority to exploit Internet of Things devices to gain entry to corporate and government network databases that contain customers' Social Security numbers, banking information, and other sensitive details. Even worse, the International Data Corporation study found that it could be another one to three years before connected cars are equipped with the programs they need to ward off hacks.

At this pace, the question begs of whether or not car makers are doing enough to keep pace with today's cybersecurity issues as well as those that have yet to be invented and inflicted on future connected car owners. While their methods of targeting hackers, which include so-called bug bounties, may help catch a few of the virtual bad guys, car manufacturers arguably may not start paying for connected car security until they start feeling the pinch from the ramifications of connected car cyber hacks.

The Danger to Drivers

Drivers too bear some of the responsibility in keeping their own cars safe from hacking. In fact, connected cars are a bit of a Catch-22 for drivers today. They love the convenience and innovation of these cars. However, they fail to appreciate how much of a risk they put themselves and their cars at without taking some preventative steps before downloading and using applications. A recent Kelley Blue Book survey found that only 13 percent of connected car owners say that they will avoid using an app if it could put the security of their cars at risk.

This statistic comes after the survey also found that while 62 percent of connected car owners believe that their cars could be hacked another 42 percent of respondents said they want their cars to be even more connected. Connected technology is not going away in today's automotive industry, which is why safety experts warn drivers to take some actions now to keep hack jobs at bay. They advise owners to download apps from proven and trusted virtual stores like the iStore or Google Play. They also warn people to be wary of third-party apps and to have apps from third-parties verified by a reputable mobile app verifier before downloading it to their vehicles. These simple measures of using common sense when downloading and using apps on their cars can go a long way in keeping their own vehicles and private data secure.

The Bottom Line

As cyber security becomes more complex, so does the need for better and more thorough connected car security. Everyone in the value chain of connected car manufacturing and ownership has to get more serious about this problem. Parties who bear some responsibility for cyber security include parts suppliers, OEMs, dealers, regulators, service providers, and consumers. The National Highway Transportation Safety Administration, or NHTSA, also bears some of the burden. It must strike the perfect balance between demanding nonstop recalls for every single bug fix and letting car companies leave gaping vulnerabilities that can be exploited for months or even years. Still, the pressure that the NHTSA put on Chrysler shows that this government agency is no longer proverbially asleep at the wheel.

About the author

Matthew Young is an automotive reporter from Boston. As a freelance journalist with a passion for vehicles Matthew writes about everything on 4 wheels, be it racecars, SUVs, vintage cars, you name it. When he is not at his desk writing he can be usually found helping his dad in the garage. You can reach Matthew @mattbeardyoung.

Get articles like this by email