Connected cars, anti-hacking systems still insufficient
Dino Collazzo
The fear that a person other than the owner might control a car, is pushing car manufacturers to invest in cyber security. And not just them, individual companies too, increasingly worried about having their systems “hacked” and the consequence this would have in their business are also moving in the same direction.
Connected cars and the threat of "cyber attack". The on-going development of the Internet of Things (IOT) and artificial intelligence (AI) is transforming vehicles into “smart-cars”, exposing them, at the same time, to the risk of being hacked. In fact, the on-board presence of hundreds of sensors and computers in charge of controlling everything - steering, lights, brakes, tire pressure, driving assistance, infotainment systems, doors locks among others - makes them particularly vulnerable, especially in view of the multiple entry points through which hackers can access and take control of the vehicle. And it does not end there. Even the companies that produce these cars and use cloud computing services to manage huge amounts of data and “smart” manufacturing processes, run the risk of becoming potential targets. The unknowns of what many consider the fourth industrial revolution, however, cannot stop the technological development. That is why manufacturers, as well as other automotive businesses, have been investing hefty sums of cash in "cyber security systems".
A necessary step for any business trying to avoid losing customers, and profits. According to a study conducted by Grant Thornton, one of the world’s leading organizations of independent audit, tax and advisory firms, 21% of companies worldwide suffered at least one cyber attack during 2016 – during the research 2,600 CEOs of large companies in 37 countries were interviewed . And this figure seems to be constantly rising considering that the year before the figure was “just” 15%. Looking at the map drawn by Grant Thornton analysts, cyber attacks are on the rise across the globe. Throughout last year, 32% of European companies were targeted by hackers, followed by Africa (29%), North America (24%) Asia and the Pacific (13%). The most common form of computer violations covered the damage to business infrastructure, the use of blackmail or extortion to get money, fraudulent financial information related to customers and intellectual property theft. The most targeted sectors are: education and social services (36%); electricity, gas, water and utilities (35%), professional services (28%); oil and gas (20%), hi-tech (20%) and financial services (18%). In all this the automotive sector seems to have been spared, at least as far as the final products are concerned, which appear to be not so attractive for cyber criminals. But with the evolution of onboard technology it will not remain immune for much longer. Just think of the danger of ransomware attacks. In this case the on-board control unit and many of the car’s basic systems would “crash” preventing ignition, the unlocking of which would be subordinated to the payment of a “ransom price” to the cyber criminal.
Therefore, with the intent of dealing with this type of aggression that can affect production systems even within a factory, an invisible eye that spies on data and research, and a virtual hand capable of stealing know-how, industrial property and money, several companies have started to invest in cyber security. For now, however, the industry’s premium players are the ones moving with a certain amount of haste, allocating resources to their research and development centers and establishing partnerships with several startups, especially those active in IOT, AI, robotics, machine learning, big data management and information security. In the latter case we are talking about innovative companies that develop protection systems dedicated to data, sensors, innovative equipment and software from malware attack, the application of which can find space in industrial premises as well as on-board any vehicle.
A central theme this in any international forum, especially when talking about autonomous vehicles and connected cars. Therefore, the race towards making cars increasingly similar to smartphones must go hand in hand with making them as secure as possible. A challenge that cannot be escaped by both the automotive industry and the aftermarket supply network. Engine Components equipped with sensors for predictive diagnosis, software for autonomous driving, doors that open with an app, devices for infotainment useful for surfing the net and, soon enough, also to shop online, are still far too vulnerable to cyber attacks. Sure, to date we have not recorded many cases of direct attacks to connected vehicles. But the fact remains that these might and probably will occur in the future, given the increase in the number of connected car in circulation – 152 million by 2020 according to the latest estimates – not to mention all the operations that can be performed on-board. Thinking that we will not suffer the consequences of car hacking simply because at present no major problems have been recorded is a mistake car manufacturers can ill afford, if they do not want to jeopardize their brand image and large market shares.
A necessary step for any business trying to avoid losing customers, and profits. According to a study conducted by Grant Thornton, one of the world’s leading organizations of independent audit, tax and advisory firms, 21% of companies worldwide suffered at least one cyber attack during 2016 – during the research 2,600 CEOs of large companies in 37 countries were interviewed . And this figure seems to be constantly rising considering that the year before the figure was “just” 15%. Looking at the map drawn by Grant Thornton analysts, cyber attacks are on the rise across the globe. Throughout last year, 32% of European companies were targeted by hackers, followed by Africa (29%), North America (24%) Asia and the Pacific (13%). The most common form of computer violations covered the damage to business infrastructure, the use of blackmail or extortion to get money, fraudulent financial information related to customers and intellectual property theft. The most targeted sectors are: education and social services (36%); electricity, gas, water and utilities (35%), professional services (28%); oil and gas (20%), hi-tech (20%) and financial services (18%). In all this the automotive sector seems to have been spared, at least as far as the final products are concerned, which appear to be not so attractive for cyber criminals. But with the evolution of onboard technology it will not remain immune for much longer. Just think of the danger of ransomware attacks. In this case the on-board control unit and many of the car’s basic systems would “crash” preventing ignition, the unlocking of which would be subordinated to the payment of a “ransom price” to the cyber criminal.
Therefore, with the intent of dealing with this type of aggression that can affect production systems even within a factory, an invisible eye that spies on data and research, and a virtual hand capable of stealing know-how, industrial property and money, several companies have started to invest in cyber security. For now, however, the industry’s premium players are the ones moving with a certain amount of haste, allocating resources to their research and development centers and establishing partnerships with several startups, especially those active in IOT, AI, robotics, machine learning, big data management and information security. In the latter case we are talking about innovative companies that develop protection systems dedicated to data, sensors, innovative equipment and software from malware attack, the application of which can find space in industrial premises as well as on-board any vehicle.
A central theme this in any international forum, especially when talking about autonomous vehicles and connected cars. Therefore, the race towards making cars increasingly similar to smartphones must go hand in hand with making them as secure as possible. A challenge that cannot be escaped by both the automotive industry and the aftermarket supply network. Engine Components equipped with sensors for predictive diagnosis, software for autonomous driving, doors that open with an app, devices for infotainment useful for surfing the net and, soon enough, also to shop online, are still far too vulnerable to cyber attacks. Sure, to date we have not recorded many cases of direct attacks to connected vehicles. But the fact remains that these might and probably will occur in the future, given the increase in the number of connected car in circulation – 152 million by 2020 according to the latest estimates – not to mention all the operations that can be performed on-board. Thinking that we will not suffer the consequences of car hacking simply because at present no major problems have been recorded is a mistake car manufacturers can ill afford, if they do not want to jeopardize their brand image and large market shares.