Last year, Wired magazine featured a demonstration that showed precisely how easy it is for a hacker to take over the onboard computer of an automobile while driving down the highway in an adjacent car. This disturbing proof of concept for the high-speed hack may have made the population at large more aware of the fact that automobiles these days are dependent on multiple computer systems, and that those computers—just as much as any in a home or in an office—are potentially vulnerable to being compromised.
But this one stunt, though chilling in its immediate impact, has not done a whole lot to change the way that manufacturers treat concerns about digital security. A recent article at darkreading.com highlights this problem, noting that steps that manufacturers are taking to manage digital security in the auto industry are being outpaced by the emerging threats.
When it comes to cars functioning properly, people’s lives can be at stake. And while the prospect of a hack attack as seen in the Wired demo might seem unlikely at the moment, it is becoming clearer to people watching that digital security, as it pertains to automobiles, is no far-out fringe concern. For the automotive industry, effectively managing software vulnerabilities and addressing digital security are going to have to become a priority.
More IPs, More Problems
The susceptibility of cars’ internal computers to hack attacks is only one of the potential cybersecurity problems that the automotive industry faces. The popularity of the Internet of Things has led to the creation of more devices within any given car that are accessible by wireless connection, just as it has with homes. Everything from the locks on a car’s doors to the radio can be managed by smartphone, and every point of wireless access provides a potential way in for a hacker.
Smarter Cars, Smarter Hackers
When thinking about digital security, it’s not just the automobiles of today to take into consideration. In the near future, automobiles will make even more use of the types of technology that hackers can exploit.
Self-driving cars using GPS to navigate are already being demoed in various cities throughout the U.S. and Europe. Prominent futurists are envisioning a day when package deliveries and some, if not all, personal transportation are undertaken by cars that drive themselves. And if we reach a point where such sophisticated self-driving smart cars truly do rule the roads and highways, it will be critical to make sure hackers aren’t commandeering them for the purposes of theft, mischief, or even destruction.
What Can the Automotive Industry Do?
The darkreading.com article suggests that bringing security professionals into the software development cycle is one way the industry could handle an impending wave of cyberattacks and exploits launched against vulnerable automobiles.
Because we’ve already reached a point where having a car’s software upgraded sometimes requires a trip to the dealer, it seems as though the idea of remote security upgrades the way they are done for smartphones could eventually have its day—but that too poses its own, quite significant security challenges.
So as with any rapidly evolving technology, there are more questions than answers. Will there someday evolve a model in which an outside security solution provider is as critical to an automobile as it is to an enterprise? Will we reach a point where a trip to a mechanic will involve a run-through of patches to onboard computers?
It’s truly tough to say what shape the merging of automotive maintenance and digital security will eventually take. But it’s something the automotive industry will be keeping its eye on—for the sake of the reliability of its products and the safety of its customers.
How do you think auto manufacturers should deal with the coming wave of digital security concerns?