Author: Yossi Vardi / Source: The Next Web
There are more connected cars than ever — manufacturers are making more of them than ever, more people are driving them than ever, and that means hackers and bad actors have a bigger target than ever. As connected “devices” — albeit the biggest and most complicated of connected devices — vehicles are as vulnerable as any other internet-connected computer, smartphone, or anything else.
Actually, they might be even more vulnerable; there have been numerous incidents in which hackers took direct control of IoT devices — and a vehicle‘s CAN bus is eminently hackable, according to experts. In addition, connected vehicles use more complex software to provide advanced functionality creating new opportunities for malware to take over.
2018, it could be said, is the year connected car security finally got the attention it deserved. Being attacked by malware that steals user credentials to break into a database of credit cards is not pleasant for victims; but a hacker that compromises a connected vehicle‘s braking or steering system could cause a passenger or driver to lose their lives.
It’s not like such life-threatening hacks haven’t happened before. The consequences of a hack attack on connected commercial vehicles are even more substantial, given the function they serve in complex global supply chains, as highlighted by Frost & Sullivan.
What are some of the trends we can expect in connected vehicle attacks — and security — in 2019?
More zero-day attacks
In 2018, the number of reported hack attacks on connected vehicles shot up six times more than the number just three years earlier. Obviously, a big part of this is that there were a lot more connected cars in 2018 than three years before – but because connected vehicles are a bigger target, they are drawing the attention of more hackers, intent on “branding” the space with their own little twist on mayhem.
Thus, a repository of data on connected vehicles lists dozens of different attacks that hackers undertook — like the hacker who hijacked a Tesla 3’s onboard computer to run his own operating system, or a breach in a connected alarm system that could enable hackers to steal vehicles, or numerous infotainment, telematics, and ECU vulnerabilities that could allow BMW vehicles to be compromised – and many more.
And because security measures cannot advance and deploy quickly enough to handle the growing number of threats, most vulnerabilities are unknown until an attack happens, a.k.a. zero-day attacks. With connected vehicle sales going nowhere but up and more and more sophisticated software installed in new vehicles, expect more — and more sophisticated — connected attacks in 2019.
OEMs more concerned – and more serious…
The post Where automotive cybersecurity is headed in 2019 appeared first on FeedBox.