Intel Moves to Secure Cars Before They Kill Us

By

One of the very surreal and prophetic meetings I had was years ago was with the On-Star division of GM.  I was invited in by one of the executives I’d met while he was working in IT for a large consumer goods company.   He had recently joined the On-Star effort, which was in its infancy at the time, and was appalled at the lack of security over the technology.  I was running the firm’s security practice at the time and was brought in to talk some sense to the executive team who largely blew me off.  I thought as I left that this wouldn’t end well and we’ve recently seen some rather frightening demonstrations, even though they were with Chrysler not GM, that the auto industry just didn’t take security seriously.

Intel has been working with a variety of car companies over the years to develop some rather interesting solutions, like a headlight system that can pierce ran and even snow.   This is actually pretty amazing and could be a real life saver in a storm.   But while car makers are new to security, Intel isn’t having bought McAfee a few years back to address the near out of control problem with security on PCs and servers.  So Intel can hit the ground running and largely as a result of these automotive security breaches, they have formed the Automotive Security Review Board to try to help the car industry fix what is now a nasty problem

Let’s talk about how you might want to buy an older car over a new one until these problems are solved this week. 

Old Is Safer

Older cars had physical connections between the steering, engine control (throttle), and braking systems.  You could remote control them but only if you spent days installing controls, servos, and remote control technology in the car and making all of that stuff invisible would have been nearly impossible.  

But newer cars have drive-by-wire systems where the throttle, brake, and even the steering wheel aren’t physically connected they just interface with a control unit that then interfaces with the car.   The positives for this are that you can better adjust what they do based on conditions and speed and they are far easier to install because you just need to run wiring and connect to power and a common network which, increasingly, could be wireless. 

Image via Shutterstock

But now if someone wants to take control of your car, they just need to wirelessly hack into the network and while this still largely requires some type of physical access to the car, the control unit is very small and easily hidden. 

This suggests that if you are concerned about security you would be far safer in a car that was older than 2005 from the standpoint of security but then you are faced with problems associated with the car starting to fall apart.   Low mileage well cared for older cars may suddenly be in relatively high demand once folks catch on that newer cars can be easily hacked and made unsafe. 

Fixing the Problem

It isn’t trivial to address what has been a serious oversight for some time.  Granted, few of the automakers were as careless as Chrysler and haven’t connected their entertainment and car operating systems together.   But the idea that you can secure an increasingly connected car by leaving critical systems unconnected won’t work if someone comes up with an easy to use plug in remote control module.  Or, for future cars, (and Tesla) just hacking into the network that controls the car.  (I should point out that Tesla, at least, took security seriously but even they were vulnerable.  

To fix this requires a top to bottom change in the way cars are built and secured and that is what the Automotive Security Review Board’s mission is.   Every component that is connected has to be secured (a few years back a bunch of VWs where hacked through their wireless tire pressure system in the tires and disabled, a later test showcased a hacker could do far more which subsequently happened in Texas). 

And, particularly when we move to full autonomous driving, if there is a way to break in someone will find it and this effort is to give the folks building the cars a fighting chance in making sure we don’t become the proof they didn’t get this right. 

Wrapping Up:  Old May Be Better

While it is great to have a lot of electronic gadgets on our cars, right now, they represent a potentially deadly risk to our safety.  As a result you may want to favor new and older cars that don’t have drive-by-wire systems and can’t be taken over without a massive amount of work.  If it’s easy than any kid could do it and you don’t want anyone in your family to be the statistic of a prank gone wrong, which, right now is more likely than a criminal or terrorist attack.   However once these cars are all connected and able to drive autonomously a hostile agency could take over hundreds and simply issuing a command that took them to maximum speed would have massive deadly consequences.  It is critical that programs like Intel’s take the car industry where it needs to be before a large percentage of us become some kind of distributed 9/11.   Personally I’m thinking it will be a while before a buy a new car.  



Get stories like this delivered straight to your inbox. [Free eNews Subscription]

President and Principal Analyst, Enderle Group

SHARE THIS ARTICLE
Related Articles

Can Science Outsmart Deepfake Deceivers? Klick Labs Proposes an Emerging Solution

By: Alex Passett    3/25/2024

Researchers at Klick Labs were able to identify audio deepfakes from authentic audio recordings via new vocal biomarker technology (alongside AI model…

Read More

Top 5 Best Ways to Integrate Technology for Successful Project-Based Learning

By: Contributing Writer    3/19/2024

Project-based learning, also popularly known as the PBL curriculum, emphasizes using and integrating technology with classroom teaching. This approach…

Read More

How to Protect Your Website From LDAP Injection Attacks

By: Contributing Writer    3/12/2024

Prevent LDAP injection attacks with regular testing, limiting access privileges, sanitizing user input, and applying the proper encoding functions.

Read More

Azure Cost Optimization: 5 Things You Can Do to Save on Azure

By: Contributing Writer    3/7/2024

Azure cost optimization is the process of managing and reducing the overall cost of using Azure. It involves understanding the resources you're using,…

Read More

Massive Meta Apps and Services Outage Impacts Users Worldwide

By: Alex Passett    3/5/2024

Meta's suite of apps and services are experiencing major global outages on Super Tuesday 2024.

Read More