Highway hacking poses huge threat

Android — probably because of its open-source DNA — is particularly vulnerable to online attacks from viruses and hackers.

  • Android-Auto

I recently had a nasty brush with an online virus, which paralyzed my laptop for a few hours before I managed to find a way to disarm the threat.

The whole thing left me frantic — and I was just checking my email from the comfort of my home.

Now imagine that happening to your car while you are cruising down the 401 at 100 km/h.

A non-responsive steering wheel. Or stalled brakes. Or a less dangerous but far more annoying blaring horn?

As paranoid as it may sound, connected cars could make that a reality. After all, “tablets on wheels” are not that much different from actual tablets.

The likes of Apple and Google are constantly vying for control of your dashboard, trying to turn it into another platform for all things online. The latter recently launched its in-vehicle operating system called Android Auto, while the former introduced its CarPlay this year.

Similarly, more and more automakers are bringing the Internet to the car through tie-ins with various service providers.

But Android — probably because of its open-source DNA — is particularly vulnerable to online attacks from viruses and hackers.

Reports show that malware-laden apps on the Google Store have rapidly increased — actually quadrupled, by at least one measure — in the past couple of years.

With attempts to directly port these apps to a vehicle’s infotainment system, the risk of external threats is bound to increase, according to security experts.

One report making the rounds of tech blogs following a recent online security conference in Singapore, found that it may be pretty simple for hackers to do some mischief on the road.

Ernst & Young security expert Nitesh Dhanjani found that someone could easily unlock a Tesla by hacking the password on a remote access app offered by the EV maker. He also claims that Tesla cars are vulnerable to third-party apps.

Of course, the potential damage demonstrated by Dhanjani seems fairly tame. But connectivity and electronic content in vehicles is on the rise. More than 50 per cent of vehicles in North America will have some form of connectivity by 2020, according to Frost & Sullivan data.

More importantly, the matrix of complex sensors and communication systems will be far more embedded in these vehicles, and control more important functions.

Many of these internal electronic systems were built to work within a closed system. Now, they are being turned outward to boost functionalities such as telematics access and remote diagnostics.

Data released this year by the Center for Automotive Research in Ann Arbor, Mich., revealed that today’s average car contains 60 microprocessors and nearly 18 million lines of software code (and that doesn’t take into account the millions of lines of code required by the slew of new operating systems invading modern vehicles.

The topic of vehicle security, particularly that of illegal access through wireless systems, has been gaining serious traction after a 2010 research study by University of Washington and University of California (San Diego) scientists that clearly demonstrated the remote vulnerabilities of today’s vehicles.

So far, automakers seem confident they can tackle any threats.

Right around the time Tesla’s vulnerabilities were revealed, the company hired a woman named Kristin Paget. Tesla has never revealed her true role in the organization, but insiders know that she is a hacker who has worked with the likes of Apple and Google to help build better armour.

Similarly, infotainment companies such as Harman and world-leading suppliers such as Continental are partnering with online giants such as IBM and Cisco to tackle security issues. In fact, Continental has gone as far as to reveal that it is holding back on many functionalities of systems it supplies to automakers, in order to first ensure they are hacker-proof.

There have been no reported instances of car hacking, but lawmakers are already getting busy south of the border.

Future automated cars could be potentially devastating targets of hacking.

The National Highway Traffic Safety Administration launched a research study aimed to better understand cyber-threats on autonomous vehicles.

The findings are expected to be used for drafting future guidelines and legislation.

Kumar Saha is a Toronto-based automotive analyst with the global research firm Frost & Sullivan.

Follow on
Instagram  #wheelsca

    Show Comments