Connected cars are ripe for hacking

As the automobile industry explodes with technology, security should take priority.

googles lexus rx 450h self driving car
Creative Commons Lic.
Current Job Listings

Technology has taken over almost every area of consumers’ lives, from the way they work and play to the toys their children use. In addition to finding ways to connect homes to the internet, innovators have also begun developing software and hardware for the cars people drive every day. When a vehicle can connect to the internet, automakers can build in amenities that make their products more desirable to consumers.

But like the many other devices that can communicate, connected vehicles bring security issues. As connected cars gradually become more mainstream, it’s important that consumers be aware of the dangers they face from a security breach.

The dangers

Last year, the FBI, Department of Transportation, and National Highway Traffic Safety Administration issued a memo warning of the dangers of connected vehicles. One of the most eminent threats, as detailed in the memo, is the possibility of a takeover of the car’s operations. A hacker could find his or her way into a vehicle’s computer and take control, leading to an accident. A hacker could disable a vehicle’s brakes or steering or could shut the engine down completely. On a less threatening level, a hacker could also manipulate a vehicle’s door locks, turn signal, radio, GPS, or other on-board system.

Now that cars are connected, police departments are also concerned about vehicle theft. Using laptops, thieves can bypass a vehicle’s ignition system and steal a car. The software is similar to that used by dealers and locksmiths to program an ignition for a car owner, so it can be difficult to prevent such attacks. This type of attack applies especially to those who own cars with keyless entry and ignition.

Any connection that can be intercepted can be prone to viruses and data breaches, which means that any information stored on that device could be stolen, including credit card numbers and contact data. As automotive software becomes more sophisticated, hackers will be able to collect even more information on a person’s life, leading to increased concerns about identity theft. While this isn’t as concerning as a remote vehicle takeover, it’s a real issue that automakers will need to safeguard against in the coming years.

The solution

All of this information is useless if it doesn’t include actionable advice. Currently, vehicle software updates are handled two ways: through being pushed to your car’s software and through automotive recalls. Software updates are the ideal scenario, since car owners aren’t required to take the car to the dealership for service. Vehicle owners will increasingly notice software updates installing when they start their car. When automotive manufacturers are proactive about preventing malware and third-party vehicle takeovers, they’ll protect themselves against the reputation damage that comes from a breach.

In addition to keeping a vehicle safe, in time the software could be set up to help consumers. As one expert pointed out, when a vehicle’s software detects a maintenance issue, its driver could receive a notification of nearby dealerships offering deals on that service at that time. This would provide a level of usability that would increase a customer’s loyalty to a specific make of car.

Dealer recalls

For those updates that can’t be automatically pushed, a visit to the dealer is the only option. Auto manufacturers send recalls that urge owners of certain vehicle makes and models to visit the dealer as soon as possible for an update. Once in the hands of a dealership, the vehicle’s software can be updated using certified software.

Unfortunately, many car owners ignore recalls. According to J.D. Power, more than 45 million vehicles that were recalled due to safety issues between 2013 were not brought in for service. One of the biggest reasons for the lethargy is the sheer volume of annual recalls. When a car owner only sees one recall over the course of owning a vehicle, for instance, it’s much more likely to be taken seriously than when those recalls are coming at a pace of one per month. This apathy highlights the importance of finding a way to automate software updates rather than rely on the car being physically present in the dealership.

Automotive software will only become more sophisticated over time. If manufacturers take steps to ensure consumers remain safe in the process, they can win brand loyalty and improve usability.

This article is published as part of the IDG Contributor Network. Want to Join?

How do you compare to your peers? Find out in our 2019 State of the CIO report