Intel Moves to Secure Cars Before They Kill Us


One of the very surreal and prophetic meetings I had was years ago was with the On-Star division of GM.  I was invited in by one of the executives I’d met while he was working in IT for a large consumer goods company.   He had recently joined the On-Star effort, which was in its infancy at the time, and was appalled at the lack of security over the technology.  I was running the firm’s security practice at the time and was brought in to talk some sense to the executive team who largely blew me off.  I thought as I left that this wouldn’t end well and we’ve recently seen some rather frightening demonstrations, even though they were with Chrysler not GM, that the auto industry just didn’t take security seriously.

Intel has been working with a variety of car companies over the years to develop some rather interesting solutions, like a headlight system that can pierce ran and even snow.   This is actually pretty amazing and could be a real life saver in a storm.   But while car makers are new to security, Intel isn’t having bought McAfee a few years back to address the near out of control problem with security on PCs and servers.  So Intel can hit the ground running and largely as a result of these automotive security breaches, they have formed the Automotive Security Review Board to try to help the car industry fix what is now a nasty problem

Let’s talk about how you might want to buy an older car over a new one until these problems are solved this week. 

Old Is Safer

Older cars had physical connections between the steering, engine control (throttle), and braking systems.  You could remote control them but only if you spent days installing controls, servos, and remote control technology in the car and making all of that stuff invisible would have been nearly impossible.  

But newer cars have drive-by-wire systems where the throttle, brake, and even the steering wheel aren’t physically connected they just interface with a control unit that then interfaces with the car.   The positives for this are that you can better adjust what they do based on conditions and speed and they are far easier to install because you just need to run wiring and connect to power and a common network which, increasingly, could be wireless. 

Image via Shutterstock

But now if someone wants to take control of your car, they just need to wirelessly hack into the network and while this still largely requires some type of physical access to the car, the control unit is very small and easily hidden. 

This suggests that if you are concerned about security you would be far safer in a car that was older than 2005 from the standpoint of security but then you are faced with problems associated with the car starting to fall apart.   Low mileage well cared for older cars may suddenly be in relatively high demand once folks catch on that newer cars can be easily hacked and made unsafe. 

Fixing the Problem

It isn’t trivial to address what has been a serious oversight for some time.  Granted, few of the automakers were as careless as Chrysler and haven’t connected their entertainment and car operating systems together.   But the idea that you can secure an increasingly connected car by leaving critical systems unconnected won’t work if someone comes up with an easy to use plug in remote control module.  Or, for future cars, (and Tesla) just hacking into the network that controls the car.  (I should point out that Tesla, at least, took security seriously but even they were vulnerable.  

To fix this requires a top to bottom change in the way cars are built and secured and that is what the Automotive Security Review Board’s mission is.   Every component that is connected has to be secured (a few years back a bunch of VWs where hacked through their wireless tire pressure system in the tires and disabled, a later test showcased a hacker could do far more which subsequently happened in Texas). 

And, particularly when we move to full autonomous driving, if there is a way to break in someone will find it and this effort is to give the folks building the cars a fighting chance in making sure we don’t become the proof they didn’t get this right. 

Wrapping Up:  Old May Be Better

While it is great to have a lot of electronic gadgets on our cars, right now, they represent a potentially deadly risk to our safety.  As a result you may want to favor new and older cars that don’t have drive-by-wire systems and can’t be taken over without a massive amount of work.  If it’s easy than any kid could do it and you don’t want anyone in your family to be the statistic of a prank gone wrong, which, right now is more likely than a criminal or terrorist attack.   However once these cars are all connected and able to drive autonomously a hostile agency could take over hundreds and simply issuing a command that took them to maximum speed would have massive deadly consequences.  It is critical that programs like Intel’s take the car industry where it needs to be before a large percentage of us become some kind of distributed 9/11.   Personally I’m thinking it will be a while before a buy a new car.  

Get stories like this delivered straight to your inbox. [Free eNews Subscription]

President and Principal Analyst, Enderle Group

Related Articles

Web3 in 2024 - What's the Story So Far?

By: Contributing Writer    2/26/2024

Is Web3 a thing yet? Click here to learn about the 2024 Web3 story so far.

Read More

Shabodi Accelerates Adoption of Network-Aware Applications with CAMARA API Enterprise Reference Implementation

By: Special Guest    2/16/2024

Shabodi, an Application Enablement Platform (AEP) provider unleashing advanced network capabilities in LTE, 5G, 6G, and Wi-Fi 6, announced they have l…

Read More

How Much Does Endpoint Protection Cost? Comparing 3 Popular Solutions

By: Contributing Writer    2/2/2024

Endpoint protection, also known as endpoint security, is a cybersecurity approach focused on defending computers, mobile devices, servers, and other e…

Read More

What Is Databricks? Simplifying Your Data Transformation

By: Contributing Writer    2/2/2024

Databricks is an innovative data analytics platform designed to simplify the process of building big data and artificial intelligence (AI) solutions. …

Read More

What Is Blue/Green deployment?

By: Contributing Writer    1/17/2024

Blue/green deployment is a software release management strategy that aims to reduce downtime and risk by running two identical production environments…

Read More