Connected Vehicles: An Open Road for Hackers

With the current scenario of cybersecurity and fraud in India, connected cars have the potential of leaving you vulnerable too

Photo Credit : UIEvolution,

India’s Internet of Things is rapidly growing as consumers and businesses embrace the benefits of connected devices. The growth will affect many facets of India, but one of the largest additions will arrive by roadway. Connected vehicles will transform many aspects of daily life, but they also bring forth many security considerations. For this technology to reach its full potential in India, it is imperative we understand the risks and manage them accordingly.

Vehicles have come a long way in terms of the high-tech features and connectivity that come standard in most new models. Today, most vehicle functions such as steering, acceleration, braking, remote start, and even unlocking the doors, are controlled by software that accepts commands from a diverse array of digital systems operating both inside and outside the vehicle. Truly connected vehicles pave the way for advanced driver assistance technologies and will eliminate human errors significantly.

With the acceleration in connectivity and digitization initiatives, the threat actors are also evolving each day and they can gain unauthorized entry to vehicles and manipulate the software operation. These cyber criminals and hacktivists steal personally identifiable information or hijack the vehicle systems, to enable malicious cyber activity that could render the vehicles inoperable.

Vehicles are more likely susceptible to ransomware attacks when their disablement causes knock-on effects. For example, where a single driver might be able to reinstall his car’s software with the help of a mechanic, a group of vehicles disabled on a busy highway could cause far more serious disruption. Victims or municipal authorities may have little choice but to pay the ransom to reopen a busy commuting route. Alternatively, a logistics company might suddenly find a large portion of its truck fleet rendered useless by ransomware. The potential for lost revenue due to downtime might pressurize the company to pay the ransom rather than risk more significant financial losses.

The impact of cyber threats is often considered in financial terms – the cost of a breach, whether direct financial losses or indirect costs of investigation, remediation, and improved security. However, there is also a potential risk of human injury or even death. As computers increasingly control vehicles, among other critical devices and systems, the potential for malfunction or manipulation that causes human harm rises significantly.

There are five key threats introduced by vehicle software vulnerabilities:

* Unauthorized physical access to vehicles

* Theft of personally identifiable information from manufacturer or third-party storage systems

* Deliberate manipulation of vehicle operation

* Hijacking vehicle systems to enable malicious cyber activity

* Extortion enabled by ransomware that renders vehicles inoperable until a ransom is paid

To remedy this, it’s imperative for automakers to build security into the foundation of their vehicles, rather than bolt it on later. As consumer demand drives ever more features, the opportunities for compromise will only grow. Given the emergence of these new risks, automotive manufacturers and suppliers need to not only ensure the traditional operational safety of their vehicles, but to also secure both the vehicle's operations and driver privacy. This requires an ongoing understanding about the nature of threats and vulnerabilities in a rapidly evolving landscape, and building in strong proactive security measures to prevent, detect and respond to these risks.

It’s now or never. Connected cars are already filling up the Indian roads and this new connectivity will be futile if the security of these vehicles is neglected



Advertisement

Around The World