As Connected Vehicles Become A Reality, Hackers Become A Real Concern

It’s no secret that there’s a major effort underway to create connected cars that can “talk” to each other as well as the traffic system for the purpose of vehicle automation.

These so-called “connected car” systems offer the promise of a new, smart vehicle era that will make driving more convenient, substantially safer, and perhaps even more efficient. Most of this technology is still a few years away, but it’s definitely something automakers are focused upon.

In the here and now, we’re seeing a different type of “connected car,” one that can interface with the Internet. While tethered Internet access has been available for a while now (meaning your vehicle uses your phone’s data plan to get online), GM has made a concerted effort to develop in-car Internet. This system allows you to get online by connecting to a built-in WiFi access point, which then uses a built-in wireless Internet access system to get online. Audi has an in-car Internet system as well in their A3, and more automakers will be offering in-car Internet as a feature in the very near future. In-car Internet is definitely coming our way.

Yet as exciting as these connected car innovations may be, there’s at least one dark aspect to these changes that’s worth considering: When you add a communications system to a vehicle, you often create an access point for hackers.

Is Car Hacking Really A Concern?

Last year, two security engineers “hacked” a Toyota Prius and Ford Escape to show Forbes what a car hack attempt looks like. With the writer in the driver’s seat, the hackers:

• Disengaged the brakes
• Blasted the car horn
• Slammed on the brakes at high speeds
• Altered the speedometer and odometer readouts
• Altered the GPS readout
• Took over the steering enough to jerk the car back and forth

How did they do all of this? With an old laptop connected to an inconspicuous data port located near the parking brake. The duo says they can do the same thing wirelessly, and there already has been academic research showing it can happen.

A recent report from cybersecurity experts Charlie Miller and Chris Valasek named 20 vehicles as “most hackable” at a recent technology security conference. Their research focused on identifying vehicles with multiple access points (like built-in WiFi and Bluetooth), and then determining if these vehicles internal networks had sufficient security safeguards. While the report doesn’t specifically prove that these cars can be hacked, it does point out that automakers have very little in the way of internal vehicle network security systems.

While there are some definitely some caveats here – it’s not as if a hacker can push a few buttons and cause your car to drive itself into a brick wall – there is cause for concern. Automakers are adding lots of technology to their vehicles as quickly as possible, and it’s fair to wonder if all of this technology has sufficient protections.

What Are Automakers Doing About These Risks?

Automakers have only just begun to dig into the security threats to their systems, and that makes sense. After all, up until automakers began to offer connection points like Bluetooth or WiFi, cars had been relatively impervious to security threats. Cars used to be completely stand-alone systems – the only way to “hack” one was to break into the car itself. At that point, it’s not hacking so much as it is breaking and entering.

Automakers are now playing catch-up in security, building firewalls, embedding security chips and employing hackers to find issues with their systems. Representatives from various automakers are also meeting with security experts at events like the recent Black Hat security conference to get outside opinions on their work.

Still, the fact is that cars are complicated, and hackers are clever. As more vehicle communication systems are added, the risks associated with hacking can only increase. Like all security efforts, it will take time for automakers to sufficiently harden their systems.

Might We Be Better Off Without Connected Car Systems?

In-car internet and vehicle-to-vehicle communication systems certainly aren’t without controversy. In addition to hacking concerns, there are concerns about privacy and – in the case of in-car Internet – distracted driving. As these systems become more commonplace, it’s likely that consumers and pundits alike will question the value of these systems from a societal standpoint.

It’s good to have these debates, but it’s important to understand just how revolutionary these connected car systems could become. If, for example, your vehicle is able to communicate with other vehicles in the immediate vicinity, your vehicle can avoid collisions. Car “a” can tell car “b” to slow down or brake, turning a serious accident into a near miss. Vehicle to vehicle communication systems could even offer the ability to plan and route traffic, so that cars could travel in “packets,” avoiding one another at major intersections without having to stop or slow down. The possibilities for vehicle safety and commuting efficiency are truly incredible.

Likewise, a vehicle that can connect to the Internet isn’t just a convenience for Internet hungry passengers. GM’s vehicles, for example, will use their Internet connection to share diagnostic data with repair facilities, remind consumers to perform scheduled maintenance, provide information about a vehicle’s location, etc. This could make owning a car just a little bit easier, as your vehicle could tell you when it needed service, and your repair shop would know what part(s) you needed before you arrived. Your internet connected car could almost fix itself!

So while it’s important to think about privacy and security, it’s also important to remember that this is fundamentally a question of risk vs. reward. As vehicle enthusiasts, it’s incumbent upon us all to understand the technology and its implications. A knee-jerk response to a very public hacking problem or privacy breach would be a big loss.