Cybersecurity no longer exists solely in the domain of computers. Today’s cybercriminals have become far more sophisticated than the traditional hackers from 20 years ago and cyber attacks today have far more significant ramifications – primarily when those attacks are against “nontraditional” targets like automobiles.
Modern vehicles utilize advanced connected technology to make them highly more efficient, opening up a world of vulnerabilities that can put the lives of drivers, passengers, and other motorists and pedestrians at risk in the blink of an eye.
As the automotive ecosystem (and everything else in our modern world) becomes more connected, the risks that cybercrime poses jumps significantly.
This is why recently there has been a massive push by the automotive industry to take serious actions and improve automotive cybersecurity.
Below is a look at the current landscape of automotive cybersecurity.
The Political and Legal Landscape is Murky (At Best)
In 2015, Wired magazine journalists created a preplanned hacking event where they took control of a vehicle – while a human being was behind the wheel – and showed the world how dangerous automotive tech could be if cybersecurity wasn’t taken seriously.
Unfortunately, for one reason or another, politicians and lawmakers have overlooked the security risks that automotive technology brought to the table with one major exception – autonomous vehicles.
Some of this has to do with the fact that it’s easier for non-technical automotive individuals to wrap their heads around how dangerous autonomous vehicles could be if they were hacked, as opposed to the same dangers when human beings are behind the wheel.
Manufacturers Still Treat Automotive Cybersecurity as a Bottom-Line Issue
One issue the industry has to face is that most manufacturers aren’t as concerned about the cybersecurity of their vehicles as they should be.
While these professionals understand that the potential for cybercrime skyrockets with all the new vehicle technology and connectivity, the need to eliminate those security risks are often outweighed by how expensive it would be to create the relevant security solutions.
Repairing software always costs money and patches to fix bugs aren’t always reliable or create new issues. Worse, patching one security hole sometimes opens new backdoors and avenues for cybercriminals to exploit – and then manufacturers find themselves in a real “chicken or the egg” kind of situation.
Until there’s significant widespread compromising of cyber systems in vehicles that threaten the bottom line of businesses in a big way, it’s unlikely that manufacturers will really appreciate how serious these risks are.
Most Are (Still) Fumbling Around in the Dark with Automotive Cybersecurity
There’s not a lot of information out there regarding the number of automotive cybercrime attacks, there’s a lot of incomplete information regarding the percentage of products that have had total security threat analysis completed, and there’s next to no information regarding automotive cyber solutions that have been vetted by third-party organizations, either. One of the best resources available are annual automotive cybersecurity reports, being published by the automotive cybersecurity vendors themselves: https://upstream.auto/upstream-security-global-automotive-cybersecurity-report-2020/
These are all major problems that will have to be addressed in the coming years, especially as more autonomous and connected vehicles catch on in our global society.
The future of automotive technology is brighter and more exciting than it’s been in decades. It’s critical to get out in front of the cybersecurity issues before they lead to major catastrophes.