With a world that is becoming highly connected, there is a corresponding rise in cybercrime threats. A recent study by the University of Maryland and published in an article in Security Magazine shows that, on average, an internet-connected device is hacked every 39 seconds.1 The fusion of automobiles and computerized systems is cause for concern for many people, with autonomous vehicles that rely on wireless internet connections seen as especially vulnerable to attacks.
Automated Cars’ Connectivity Features That Expose Attack Surfaces
The wireless connectivity features built into modern vehicles expose new attack surfaces that cyber-attackers can exploit. Most new cars have a built-in LTE modem, Bluetooth, Wi-Fi, and several safety-critical, programmable Engine Control Modules (ECMs).
In the next few years, almost all new cars will have vehicle-to-everything (V2X) connectivity and some connection to a high-speed 5G network. Additionally, highly sophisticated, semi-autonomous automotive systems are now commonplace.
The continuing deployment of highly autonomous vehicles that operate without human intervention makes high-speed connectivity vital. After all, there needs to be a way to send the commands to summon the car from a parking garage, go park itself, or summon a driverless taxi. Autonomous cars also need to continually download traffic updates, information on road conditions, and maps in real-time.
Have Computerized Automotive Systems Been Attacked Yet?
Hacking a car is no longer a far-off threat – it is something that is already proven possible. Way back in 2015, hacker duo Chris Valasek and Charlie Miller famously hacked a 2014 Jeep Cherokee using a zero-day exploit to prove that it was possible to take over control of the vehicle remotely completely.2
In an attack on the popular two-ton SUV driven by Wired columnist Andy Greenberg, the duo showed the reporter how, using the vehicle's computer, known as a "head unit," they could take control of the vehicle’s steering, brakes, air conditioning, wipers, and stereo.
There have been several other demonstrations of the vulnerabilities of automated cars to cybercrime. At a recent Pwn2Own hacking contest in the U.S., two young hackers, Richard Zhu and Amat Cama, won a Tesla Model 3 car and $35,000 when they discovered a bug that let them attack the electric vehicle's systems through its web browser.3 The just-in-time bug allowed them to infiltrate the vehicle's system and write messages on the display screen.
What Does Vulnerability Of Automated Cars Mean For The Auto Industry?
According to a report in the Journal of Engineering and Technology Management titled “Trust in driverless cars: Investigating key factors influencing the adoption of driverless cars,” although autonomous cars promise many benefits, the potential for hacking is cause for concern.4 The report says that the main concerns surrounding many people’s unwillingness to adopt semi-autonomous or self-driving technology relate to privacy, liability, safety, trust, reliability, and security.
Charlie Miller, a security researcher at Twitter and one of the Jeep Cherokee hackers, said, "When you lose your faith that your car will do what you expect it to do, it really changes your entire view of how it works."
The car not only risks the driver's personal information, but it is also a danger to the life of the occupants and anyone near the vehicle.
Cybercrime and hacking will always pose a significant threat to the development and adoption of many technology types. However, is there a way to prevent cybersecurity threats?
Protect Your Business From The Threat Of Cybercrime
A security breach in its systems could devastate customer trust in even the most successful business. Just like Forbes claims that many people now think twice before getting behind the wheel of semi-autonomous or driverless cars, a cyberattack on your business could erode your customers’ trust in your company or products.5 Potentially, this could cause:
- Loss of your customers
- Lower sales
- A reduction in your profits
Be sure you’re taking the steps to manage the risks that cybercrime exposes to your business.
LeadingIT offers 24/7, all-inclusive, fast, and friendly technology and cybersecurity support for nonprofits, manufacturers, schools, accounting firms, religious organizations, government, and law offices with 10-200 employees across the Chicagoland area.