All You Need To Know About Connected Car Hacking

The world of connectivity and the future is upon us, and automakers are taking the opportunity to entice more customers by producing cars that are utilizing the Internet of Things (IOT) concept. From features that help drivers avoid traffic congestion, plan the next route, check the status of the car, find an available parking space, request for road assistance and so much more, the car of the future is now in our hands. 

However, with greater connection comes greater vulnerability, and automakers are struggling to keep up with hackers trying to hack into connected vehicles has long been a source of concern. 

It’s not a surprise, given how tempting connected vehicles can be to hackers. In a news report by the New York Times, they detailed the attempts of a cybersecurity company called Karamba Security to prove how connected vehicles are a boon to hackers. The company connected a vehicle electronic control unit (ECU) online and found that hackers made more than 25,000 breach attempts in three days. What the hackers didn't know was that this ECU wasn't real; it was a trap to see who would try to hack in.

While hackers see value in trying to get into connected vehicles, car security isn’t exactly at the top of everyone’s minds when it comes to autonomous or connected vehicles. The fact remains that autonomous cars are still a very new concept to people, and most traditional cars don’t even have an option of being hacked due to a lack of connectivity. 

A poll showed that safety concerns and technology failures were the biggest fear when it comes to autonomous vehicles for 45 percent of respondents. Only 15 percent said hacking threats were their top fear.

In short, connected cars will always have at least some form of cybersecurity flaws, but that doesn't mean automakers aren't trying to secure your car.

Still, the auto industry and government regulators are constantly working to keep out the hackers. The United Nations has passed regulations about vehicle cybersecurity with more teeth, rules that force auto manufacturers to assess risk and report intrusion attempts in order to certify that their connected components are secure. This regulation will go into force in 54 countries, including in Japan and South Korea in 2022 and in Europe in July 2024.

As security experts and researchers join forces to pressurize the automotive industry to take responsibility for the security and safety of their connected cars, there are also moves to come up with different scenarios and exploits to raise the level of awareness and educate the public on connected car safety.

It is a common practice for security researchers and ethical hackers to disclose to the public the vulnerabilities or exploits they have discovered so that responsible people can know and fix the issues. However, this opens up another can of worms, because when these findings are made public, unethical hackers will know about these vulnerabilities and exploits too on top of the rest of their cyberattacks.

One of the things that automakers now have to do is to make sure that security is the key priority for connected cars. Applications and systems for connected cars must be designed with security in mind and ensure that their systems developers have the sufficient expertise and skills to implement security measures.

Security should be considered at the design level and not after the fact. For the implementation of security measures, security architects and researchers need to be involved. They are trained to look for holes in applications, IT systems, and relevant IT infrastructure.

Automotive companies must understand and see the impact to their brand and bottom-line if applications for their cars can be exploited by hackers to steal sensitive data about the drivers: their personal information, driving habits or other financial data.

Building secure systems for connected cars is not enough. More features and systems mean more attack surfaces and attack vectors for hackers. That's why it's critical to monitor the systems and relevant infrastructure and immediately respond to unfolding attacks.

At the end of the day, we must all be aware of the impact of connected car security as we move into the car of the future, and take the necessary steps to protect ourselves against the hackers. 

What do you think of this article? Leave a comment below!

If the thought of the future of automotives interests you, you might want to consider exploring a career in automotive, motorsports, and all things related. At TOC, you’ll be part of one of the best automotive colleges in Malaysia that provides you with the education pathway you need to turn your dream into reality!

If you’d like to know more about the automotive industry or if you’re still unsure whether it would be a good fit for you, don’t hesitate to have a chat with our automotive course counsellors, who would be happy to help you out!