It might seem quite convenient to have a vehicle featuring a GPS system or a hands-free phone. However, could the super connected automobiles incorporated with wireless navigational and communication technologies increase vulnerability?
After conducting research on remote car-hacking, experts reveal that it is not a far-fetched idea. The Super-Intelligent Machines: 7 Robotic Futures is a study carried out by both University of California and University of Washington researchers on this particular type of security breach. All the experts agreed that the automotive industry needs to be adequately prepared for potential attacks. In these modern times of advanced technologies, insuring your car is therefore even more important.
Two researchers connected a laptop to the diagnostic port of a Toyota Prius, which allowed them to hack and exploit the vulnerabilities of the electronic control unit that communicates with the internal network of the vehicle. As a result, the two researchers took control of the headlights, braking, steering, horn, and most importantly, locks of the car.
The two researchers, Valasek and Miller, have in recent times evaluated the weaknesses of electronic control units of 21 cars in total, presenting their findings at the Def Con hacker conference held in Las Vegas. Generalities were however avoided in the security analysis because every vehicle manufacturer uses a different car design. After examining specific automotive architectures, the researchers concluded that some of the networks were more secure than the others.
Today, the attitude of automakers towards cyber security is similar to what software companies had in the past. Software vendors overlooked most of the security risks during the early 2000s, placing little interest and investments in their software security, and only at a later date did the vendors invest in proactive measures to provide protection. Hopefully, the automotive industry will take quicker action when it comes to security.
The biggest concern might be remediation, which entails performing software updates for automobiles that are already in use, should vulnerabilities emerge. Safeguarding vehicle control units involve tracking and notifying owners, and the transmission of the security patch, unlike the computer software updates that users can easily download and install.
Updating automotive security systems is potentially a complicated and expensive prospect. At the moment, only a few manufacturers provide over-the-air updates, where security software updates can be sent to vehicles wirelessly, meaning the owners do not have to bring in their cars. Regrettably, the automakers with this capability account for quite a small number of the cars on the road.
A search for solutions
In 2011, Savage and Kohno gained complete control of a vehicle by tapping into the car's wireless systems; Valasek and Miller's latest research builds on this earlier car-hacking work. Savage later told Live Science that they had demonstrated how it was possible to remotely takeover a vehicle that was not modified in any way.
Although these two researchers, Savage and Kohno, did not publish the demonstration codes used to hack the car’s system, they instead shared the codes with the automakers, which lead the manufacturers to consider greatly the issues posed by vehicular insecurities.
All the same, the threat of potential car hackings should not result in paranoia among the consumers. Hacking is the least opted for form of criminal activity by perpetrators even in these very tech savvy times, except of course for theft where illegal innovation to defeat door locks and mobilizers is apparent. Today, anti-theft measures are so effective that thieves need to beat computers to steal cars.
As for the progress made by the automotive industry, manufacturers continue to search for potential security bugs from the traditional world of software security. Carmakers are also working to standardize the entire threat-modeling process through the Society of Automotive Engineering as well as the incorporation of mobile dedicated internet systems for their vehicles.
Meanwhile, researchers such as Valasek and Miller continually urge vehicle manufacturers to feature attack-detection as well as prevention technology into the vital control networks and systems installed in new cars.
In general terms, car hacking is not yet mainstream since it is quite a challenge in addition to costing a lot of money. But having said that, it is important to note this could very well change in the near future, which makes it necessary to work on the issue now.