Are Hackers Part of the Smart Cars’ Future?

Igor Ilunin, Head of IoT at DataArt, shares the potential dangers of connected cars with German Security Insider, and discusses the measures to ensure security of networked vehicles.

“The potentially malicious exploitation of security vulnerabilities in networked vehicles is a challenge for the automotive industry. The news about smart car hacking continues to reduce consumer confidence in the new generation of vehicles.

An experiment that received great attention was in 2015 when security researchers Charlie Miller and Chris Valasek hacked into a 2014 Jeep Cherokee , turned the steering wheel, switched off the breaks briefly, and turned off the engine. They revealed that they could access thousands of other vehicles using the Uconnect wireless entertainment and navigation system standard on Dodge, Jeep, and Chrysler vehicles. This non-malicious hack caused automaker Fiat Chrysler to recall 1.4 million vehicles.

Also in 2010 and 2011, researchers from the University of Washington and the University of California at San Diego published studies highlighting vulnerabilities in connected cars that could be compromised by savvy hackers. In 2016, researchers in Germany published a study showing how easily 24 different vehicles with wireless key fobs can be unlocked and started simply by accessing the key's radio signal. According to the research team, thieves can drive away in the car, while the wireless car key is still in the owner's house.

Because smart cars are IoT devices, the cyber-attack prevention practices are similar. The main difference is that the hardware and software of the connected vehicle is always the result of close cooperation and integration of several original equipment manufacturers (OEMs) and system suppliers. The latter connects to the cloud of an OEM or smart car using second-generation vehicle diagnostic equipment. These on-board diagnostic (OBD) devices give you access to vehicle telemetry. Using machine learning algorithms, they detect anomalies and gain information about potential risks or cybersecurity hacks. This reduces the risk of possible hacks.”

View original article here .