Tuesday, 7 February 2017

Lack of Cyber Security Poses Threat to Modern Cars

car
Cars have evolved so much from being a machine only used for transportation to an all-round smart transport system, integrated with accurate navigation, music and cameras. But as all good things have their own vulnerabilities, equipping cars with accessible technology risks the danger of it being hacked. All cars manufactured in EU should be connected via emergency Call (eCall) services by the month of April in 2018. However these simple mobile devices are not built strong enough to keep away hackers and malicious programs. A research conducted by Hebert Leenstra at the Cyber Security Academy in Hague on Automotive industry, inclines that car manufacturers should take the lead on protecting people from increasing cyber threats.

Modern day cars, including cars that can self-drive are in constant connection with its surroundings. Microchips have been used in almost every car system which controls the basic functioning of the car such as navigation system, music system and managing the car engine. Microchip uses Wifi, Bluetooth, and 4G/5G services to communicate to other cars or networks. A hacker can easily gain access to the car’s network via the internet. The most vulnerable part is the CAN bus where all the vehicle’s ICT systems are stored. A hacker who has gained access to the CAN bus can virtually control the car such as changing speed and applying brakes.

Everything wrong with modern cars

There are some basic flaws and defects in the ICT structure of modern day vehicles that can be exploited by hackers. The entertainment system is often linked with the engine in most of the cars even though there is no apparent reason for these two to be linked together. Also modern day cars rely on using the internet for their navigation systems which can easily be hacked.

What can be done to improve Cyber security?

The research carried out by Leenstra has identified several steps that car manufacturers can take to protect their customers. The first thing car manufacturers should do is change their Can bus design so that essential and non-essential systems are separated making them less vulnerable to cyber-attacks. The government needs to reevaluate their policy that prevents car manufacturers from providing extended support to car software, security and firmware updates. The implementation of the update, which is done via the internet or by a USB stick, should also be reviewed as the UDB device can hold back all kinds of information.

A broader approach could be taken by governments, dealers and insurers in spreading knowledge and information about cyber security. Information Sharing and Analysis Centre (ISAC) established in the United States have taken an aggressive step to stop Cyber-crimes. All parties within the ISAC share information and experiences regarding Cyber-attacks, which Europe can learn from and adapt.

The ICT structures of the modern day cars needs to be completely revamped to ensure customer safety. With the incidents of hacking becoming more frequent, it is necessary to implement measures as soon as possible.