Hostile interventions by hackers in vehicle technology are not science fiction, as various cases have proven with different car manufacturers in the last few years. But what can be done about it?
Imagine you’re driving with 100 other vehicles on a main road. As if by magic, the central locking engages, the radio suddenly blares at full volume, the steering wheel develops a life of its own and you leave the tarmac behind you and drive across a field, without a way to bring your car under control or get out. Undoubtedly a nightmare situation, but unfortunately, it’s not impossible.
How easy is it?
The journalist Andy Greenberg experienced first-hand just what can happen when hackers take over a car. Computer scientists Charlie Miller and Chris Valasek took control of Greenberg’s car while driving. Although the journalist knew in advance, nevertheless, he was still scared by the experience.
Even older vehicles, not originally intended for connecting to the internet, can be victims of digital attacks. When retrofitting with smart dongles to monitor fuel consumption, engine control or to maintain an electronic logbook, the OBD2 (an on-board diagnostic system fitted to American cars and light trucks from 1996 onwards) interface provides an increasingly large risk for the car. It makes them vulnerable to cyberattacks.
Dr. Christoph Lauterwasser, Managing Director of Allianz Centre for Technology, explains how hackers gain access to important vehicle functions:
Often, the protection mechanism against hacker attacks – especially on older vehicles – is inadequate. That’s why the number of attacks on networked vehicles will rise over the next few years. If a hacker finds a weak point, he could then sabotage all vehicles of the same model series at the same time and turn off the engine, for instance. The loss of reputation for the automotive industry would be enormous.
There is no such thing as complete protection against attacks. Indeed, the vehicle manufacturers must weigh up the benefits of new IT functions against the risks as early as the development stage, and create the most secure IT architecture possible inside the vehicle.
What can be done?
Insurers and car manufacturers need to collaborate more closely to find the blend of technological innovation within new cars without exposing them to too many or too much risk. Innovation for the sake of innovation has exposed many cyber weaknesses in new connected devices, from smart homes, cars and everything in between. Manufacturers will need to consider the security of these innovations at a much earlier stage to guarantee customer safety and loyalty.