By Ryan Daws, IoT NEWS
August 1, 2019
Consumer Watchdog: Mass cyberattack could result in control of connected cars
A report from Consumer Watchdog features 20 anonymous whistleblowers from the connected car industry voicing their concerns about cyberattacks.
Automotive giants are racing to pack their vehicles with connected technology which improves the driving experience and helps their cars stand out. As in any such race, safety considerations often aren’t given the priority required.
Connected technologies such as remote engine starts, adjusting the climate via smartphone, and increasingly automated driving and parking capabilities, all offer convenience but deep vehicle access that poses a substantial risk if a malicious actor gained control.
Los Angeles-based Consumer Watchdog released a study warning that the danger of fleetwide hacks of connected vehicles is increasing. Just one vulnerability in a manufacturer’s connected cars has the potential to compromise millions of vehicles globally.
Jamie Court, President of Consumer Watchdog, told reporters at a press conference on Wednesday:
“What these whistleblowers have done is, over the course of five months, shown us exactly why the new fleet of 2020 cars are extraordinarily dangerous, can be hacked and are potentially the biggest national security threat that exists today.
Connecting safety-critical systems to the internet in a car is inherently dangerous, connecting the brakes, the engine.”
While ensuring any connected technology is completely hack-resistant is almost impossible, safeguards can be implemented.
The study recommends that automakers install a ‘kill switch’ – costing just 50 cents – to ensure the connection between the internet and critical functions like the engine, steering, and brakes can be severed and control returned to the user immediately.
Stories of compromised vehicles are naturally becoming more prevalent as the number of connected cars increases. ‘White hat’ hackers have already demonstrated they were able to compromise Jeep and Tesla vehicles.
Fortunately, no injuries have yet occurred from a vehicle hack – that we know of, at least – but it’s just a matter of time unless precautions are in place.
In his presentation, Court highlighted that Ford’s most recent annual report with the SEC noted: “We, our suppliers, and our dealers have been the target of these types of attacks in the past and such attacks are likely to occur in the future.”
Ford hasn’t elaborated on the nature of the attacks it witnessed, but it goes to show that vehicles are already a keen target of hackers. All new cars from GM in the US have cellular connectivity, as will Toyota and Ford vehicles from 2020, so the risk is already present.
