Is Your Car About to Get Hacked?
The likelihood increases with every new app and connected feature, according to BlackBerry’s latest Threat Report.
In the past, cars have been a low priority for cyber criminals. The payback wasn’t worth their effort because vehicles didn’t contain much salable data.
Not so with new models. They’re part of the Internet of Things with connections to the cloud, the infrastructure and a growing number of gas stations, pizza joints and other third-party sources.
This creates a treasure trove of data about you and everything you do, which is exactly the type of intel that keeps the hackers hacking.
How Concerned Should We Be?
The latest BlackBerry Cylance “Threat Report” lists vehicles as one of the primary new targets for hackers. It’s the first time that cars have been included in the annual study, which Cylance started before it was acquired by Blackberry last year.
Source: Getty Images
The issue has been a growing concern since 2015, when so-called “white hat” researchers were able to remotely take control of a Jeep Cherokee. This prompted a lot of hand-wringing, talk and action—including the formation of the Automotive Information Sharing and Analysis Center—to bolster vehicle security and thwart bad-doers.
But the authors say not nearly enough is being done. Most OEMs still test less than half of a vehicle’s hardware and software for vulnerabilities, according to BlackBerry.
Citing data from Israeli startup Upstream Security, the study says malicious vehicle hacks surpassed those performed by white hatters for the first time in 2018.
The Weakest Link
What makes cybersecurity so challenging in a vehicle are the number of companies involved and potential entry points that can be breached at various stages. These include:
- A carmaker’s touchpoints
- The entire supply chain
- IoT connections
- Dealerships
- Aftermarket providers
- Smartphones and other portable devices
As with attacks on other industries, hackers can use a variety of methods to access vehicle systems and personal data. This includes phishing for passwords and confidential information, installing malware and exploiting shared cloud-based databases.
Personal Information Inside Your Car
The main attraction to drive a hacker to attack a vehicle is to get a user’s personal information, notes Eric Milam, vice president of BlackBerry Cylance’s research operations. In many cases, drivers inadvertently provide such access themselves by plugging a new device into a UBS port or linking the car to a smartphone after downloading an infected app.
Rentals and used cars have their own risks if smartphone data isn’t wiped for every new owner or driver. In addition to a user’s contact list, a vehicle may have stored geolocation data, garage door access codes and various login credentials.
Hackers also could wreak havoc by remotely controlling steering and throttle functions through autonomous vehicle systems. A more likely scenario, Milam says, would be to disable the vehicle and hold it hostage until a ransom is paid.
How To Protect Your Car From Hackers?
There’s no question that attacks on cars will increase as they become more connected. Combating the threats will take a concerted and ongoing effort.
BlackBerry, which offers its own security toolkit, advocates:
- Implementing cybersecurity measures at the initial design and development stages by carmakers and their suppliers
- Using data encryption on any vehicle system that stores vehicle or driver information
- Developing a system of updating vehicle software and firmware securely and remotely
- Making security patches publicly available on a website (although doing so creates other potential risks)
- Using AI and machine learning tools
It won’t be easy. Hackers only need to break in once to hit pay dirt. Carmakers, Milam points out, have to constantly defend against such attacks at every potential point of entry.
“It’s a monumental task,” he underscores.
RELATED CONTENT
-
Mustang Changes for 2018
On Tuesday Ford unveiled—using the social media channels of actor Dwayne Johnson (this has got to unnerve some of the auto buff book editors)—the 2018 Mustang, which has undergone some modifications: under the hood (the 3.7-liter V6 is giving way to a 2.3-liter EcoBoost four, and a 10-speed automatic is available), on the dash (a 12-inch, all-digital LCD screen is available for the dashboard), at the tires (12 wheel choices), on the chassis (MagneRide damper technology is being offered with the Mustang Performance Package), and on the exterior (three new paint colors). And while on the subject of the exterior, there are some notable changes—a lower, remodeled hood, repositioned hood vents, new upper and lower front grilles, LED front lights, revised LED taillamps, new rear bumper and fascia.
-
Choosing the Right Fasteners for Automotive
PennEngineering makes hundreds of different fasteners for the automotive industry with standard and custom products as well as automated assembly solutions. Discover how they’re used and how to select the right one. (Sponsored Content)
-
GM Is Down with Diesels
General Motors is one company that is clearly embracing the diesel engine.