Thanks to the success of Tesla, the auto industry is racing into the electric vehicle market. All new vehicles, even if they are still gas powered, now have large touch screens connected to computers that control ever aspect of the vehicle, from the climate system to the navigation. But a computer is a computer. It doesn’t matter if you can use that computer to make a phone call or drive a car, it’s a still a computer, and it’s still hackable.
Now that cars are computers, who is responsible for their security? The manufacturer? The car operating system company? The vehicle owner? It’s a messy situation that’s ripe for hackers to exploit.
The Auto Industry Is In A State Of Digital Transformation
If your current car doesn’t already have a computer, chances are your next one will. According to ABI Research, 90% of all new cars in 2020 were connected to the Internet. This includes both electric and gas vehicles with limited integrated connectivity via smartphone.
But by 2030, it’s expected that most new cars will be electric vehicles fully connected to the Internet. Developers are already working on a variety of features including hyper-weather forecasts and dashboard gambling. As connectivity continues to explode, cybersecurity capabilities could struggle to keep pace. This could create serious security risks for individuals, businesses, and governments.
The auto industry knows the cybersecurity risks to their customers, they just aren’t sure what to do right now. They haven’t even developed all the privacy and security standards needed to that mitigate risk at massive scale.
As the industry pivots to primarily manufacturing electric vehicles, car manufactures need to transition from being focused on engine mechanics to software development. Car cybersecurity of course will be a major part of that.
Is Remote Car Hacking Possible?
Yes. Once a car is connected to the Internet, all sorts of things are possible. Obviously, this can be both good and bad.
One of the cool new features from Telsa, is the Smart Summon feature. Tesla owners can summon their car from its parking spot to come pick them up. They just have to tap on a button using their smartphone.
But if you can remotely control your car, then so can someone else. In 2015, two car hackers (with permission) were able to remotely disable the brakes of a Jeep Cherokee.
In the now infamous car hacking experiment, security experts, Charlie Miller and Chris Valesek, remotely attacked the SUV while WIRED writer Andy Greenberg was driving it on a highway. Very scary stuff.
Hacking An Electric Car While It’s Charging
But one of the most vulnerable situations for your EV might be while it’s charging at home. Electric cars constantly share data as part of the smart charging process. They also often connect with utility companies as part of the overall electric grid ecosystem. All of this data sharing creates opportunities for car hackers to intercept.
According to car cybersecurity experts, this makes it even more difficult to protect connected cars. It’s impossible for automakers to anticipate new emerging technology in connected homes. Every new product or app that interacts with the electric vehicle creates another potential opportunity for car hackers.
Another issue to worry about is how far out automakers develop new products. Most car companies work on 5-year plans. That means the new car models for the year 2027 are being developed right now. Just imagine how different technology and security will be 5-years years from now. Then realize how far behind the “new” cars in 2027 will be from a security perspective.
The Connected Car And The Future Of Cyber Warfare
Internet networks. Traffic lights. Our power grid. Everything is a computer now, even your car.
From a cyber warfare standpoint, all electronic devices are already at risk from EMPs (electromagnetic pulses). Although not often physically destructive, EMP attacks can disable all electronic devices in their radius. In 2020, the EMP Task Force on National and Homeland Security issued a scary report detailing China’s first-strike capabilities to destroy the United States power grid using super-EMP weapons.
But cyber attackers aren’t limited the the radius of an EMP. If the car is a computer now, it could be possible for car hackers to disable an entire networks of EVs. Warring nations looking for ways to disrupt populations could remotely disable both military and civilian electronic vehicles.
With foreign nations supplying components in electric vehicles, auto manufactures need to be extra vigilant. Although unlikely, hostile nations like Russia and China could potentially sneak dangerous chips or computer code into the global vehicle supply chain.
If the auto industry doesn’t start taking car hacking and automotive cybersecurity seriously, our own cars could become Trojan Horses in the next military conflict.
Leave a Reply