Cybersecurity and incident response for your car?

3 Minute Read

The use of interconnected technology in our world is continuously on the rise; case in point, it is not uncommon for cars to be equipped with wireless features such as Bluetooth, Wi-Fi and keyless entry systems. These technologies allow for hands-free calling, built-in GPS systems and Internet access. Unfortunately, they also invite a way for hackers to access our personal vehicles. Take Chrysler’s recall of 1.4 million vehicles earlier this year: The manufacturer attributed the recall to faulty automotive computer systems that could be easily infiltrated. The industry giant was forced to address a problem that wasn’t even conceivable just a decade ago.

Chrysler might have anticipated the likelihood of such breaches based on industry studies. For example, in the summer of 2013, a duo of security researchers successfully penetrated a car’s control system as part of an article being written for Forbes. The hack wasn’t executed wirelessly though, as the pair had their laptops plugged into the vehicle’s onboard diagnostic port, which is a common access point for electronically controlled systems by automotive repair technicians. The results were quite promising for the hackers but worrisome for the automotive industry, as the car’s brakes, horn and steering wheel were successfully accessed, and the vehicle was sent flying into a ditch.

Unfortunately, the less-than-desirable findings didn’t stop there. The researchers successfully continued to explore the possibility of utilizing a car’s wireless features to gain control of it using code they had developed. Specifically, they hacked into a car’s controlled-area network (CAN), which is a simple operating system used to control the different processes in automobiles.

Fast forward to this past July and the duo performed the same hacks with the same reporter who had written the first story, but wirelessly. The reporter drove a Jeep Cherokee onto a nearby highway and once the hackers gained access to the car’s computer system, chaos ensued. The vents began to blow air and old hip-hop music blared over the speakers; the playful intrusions quickly became less innocuous, however, when the driver realized his car’s engine had been shut off remotely.

The realization that cars can be hacked in such a dangerous manner prompted the recall by Chrysler of its 1.4 million vehicles. In case you’re anxious about your own vehicle’s online system, however, know that these hacks are not easy to perform. Hacking a car requires money, technological resources and expert knowledge; so, the chance of one’s car being taken over remotely by a criminal is highly unlikely.

As technology continues to advance, cars will act more as an extension of one’s personal network, given all of the wireless capabilities coming down the pike. However, this potentially puts more and more drivers at risk. Yet, since the discovery of the security gaps in automotive control systems, the Alliance of Automobile Manufacturers have created a central hub for intelligence and analysis surrounding vehicle vulnerabilities, according to an article published in the LA Times. When this happens, car companies will need to ensure their security strategy is optimized to handle the types of attacks that can now, so easily, ensue. With this new hub, the automotive industry will also need to adopt well-rounded security strategy. Such a strategy should include automated incident response since the increasing numbers of cars on the road will require a faster reaction time to potential threats. After all, Business Insider suggests that 10 million self-driving cars will be on the road by 2020; so, the stakes are now higher than ever for the automotive industry.

Interested in Learning More?

Subscribe today to stay informed and get regular updates from Swimlane.