IoT is gradually becoming more a part of our lives and cars are no different. Are Internet connected cars the future and what risks do they carry?
Internet of Things (IoT) is taking over every available appliance and tool we use in day to day life, and vehicles are not an exception to this.
Self-driving cars with IoT features are rapidly on the rise, with big brands like Tesla creating full size electric luxury cars, with automated driving, and many other brands following suit.
However, we have already seen Tesla Model S fall victim to cyberattacks, with interference to the car’s brakes, door locks, and dashboard computer screen.
Without the proper, appropriate protection a hack to an automated car could be potentially life threatening if the self-driving application is overridden.
With the advances in automated car technology, sadly comes advances in hacking techniques, and as hacking can take place from even 12 miles away, such as when Tesla Model S got hacked, and with fixes and patches done Over the Air, these can easily be intercepted by cybercriminals.
Mark James, ESET IT Security Specialist, discusses the importance of protecting your vehicle and the steps you can take to increase security.
“Car manufacturers will want to place the safety of their users as their highest priority, and admitting to their vehicles being compromised and taken over is not something they will willingly hold their hands up to.
“The biggest problem with patches and fixes is getting them out to the affected public. Having to recall vehicles for updates is a costly event, and let’s not forget it generates PR chatter.
“Over the air (OTA) is much easier and in most cases has zero impact on the user. Of course the problem is that OTA has the possibility of itself being compromised. This could easily lead to much bigger problems, sadly security is often a compromise.
“If you choose to ignore certain updates, you may be liable and it may affect your ability for later recompense if those patches fixed something that may have been used to breach your vehicle.
“As with computer security, a degree of ownership resides with you; if the manufacturer has done all they can to make available updates and you choose to leave those to a “more convenient” time, then you may in worst case scenarios be putting your own safety at risk.
“Both processes have their downsides though; making all your customers aware there is an update that needs applying could be a logistical nightmare and not as easy as it sounds.
“It’s similar to the firmware upgrades we see for our computing hardware, because it’s so easy to cause irrecoverable damage, they will have very strict criteria to ensure the right software is for the right vehicle.
“As our vehicles become more and more connected, then the possibility of being compromised technically becomes higher. With more attack vectors available for the hackers to choose from, the manufacturers have to step up their game.”
Would/does having an Internet connected car worry you at all? Is so, for what reason? Let us know on Twitter @ESETUK
Join the ESET UK LinkedIn Group and stay up to date with the blog. If you’re interested in seeing where ESET has been featured in the news then check out our ‘In the news’ section.