The rise of cybercrime and cyber warfare in the 21st century has made network security a burgeoning industry. Even as we devote billions of dollars to plugging the holes in the global network infrastructure that affects our everyday lives, hackers are finding new ways to take advantage of them.
Recently, we have come to enjoy the perks of next-generation, in-car technologies that rely on Internet and cloud-based systems, but this dependency is a double-edged sword. In creating network-aware vehicles, we’ve also created a new frontier for cyber criminals — one they’re only too happy to exploit.
Researchers Discover Vulnerabilities in Current Vehicles
In 2015, the story of researchers Chris Valasek and Charlie Miller’s discovery of a vulnerability in Chrysler cars, specifically the popular Jeep line of vehicles, opened the nation’s eyes to the reality of vulnerable vehicles. The duo was able to execute a number of potentially malicious acts, including locking the occupants in their Jeep, applying the brakes at low speeds and altering transmission behavior.
Putting the world on notice wasn’t enough for Miller and Valasek, though. Instead, they continued their hacking efforts, trying to see how far they could take things much in the way an actual criminal would. In the time since their first report, they’ve uncovered new methods with even more frightening effects.
As you can see in their video demonstration, someone with access to your vehicle’s steering could send you veering off the road in a fraction of a second. Imagine the impact this could have on a major highway. A single vehicle could be extremely dangerous, and an attack on multiple vehicles could amount to the worst pileup the world has ever seen.
Companies Patch Your Car — Without the Bondo
It’s finally coming to the attention of car companies that they are creating giant computers — that can be driven. Any computer, no matter the size, needs to be updated to defend against the latest threats, and that, of course, includes cars.
Flaws like the one that was found in Jeep products last year can be patched. Chrysler performed a recall to fix the issues that Valasek and Miller revealed, but in the future, consumers will expect more. Automakers will be expected to deliver software updates in real-time over wireless networks, sometimes at a moment’s notice.
More than just Cars
Usually the focus of these studies like the Jeep test is on vehicles driven by individuals. But this can get much bigger than that. Huge companies like Pepsi, Walmart, and Sysco each have about 7,000 tractors and between 12,000 and 70,000 trailers in their fleets. As technology helps them to all become connected, they’re also at risk for a mass breach. Imagine if a criminal could not only hack one semi-truck, but 1,000 at once. This could be especially dangerous once self-driving trucks become more prevalent.
Manufacturers Privatize Security From Within
It’s not just automakers who will be involved in protecting your vehicle, though. The cyber security industry will play an intimate role — the only question is whether consumers will be able to choose which vendor protects their car.
What’s more likely is that manufacturers will partner with big-name security vendors to develop solutions for their entire product line. Tesla is one example, but it remains to be seen how Elon Musk and co. will cope when models that are contemporary today get longer in the tooth.
If a company wants to protect their reputation, they’re also going to have to protect the security of their cars — whether they want to or not. It could be the difference between success and failure in tomorrow’s auto industry.
Scott Huntington is an automotive writer from central Pennsylvania. Check out his work at Off The Throttle or follow him on Twitter @SMHuntington.