The Connected Car & Cyber Security – Part 2
Previously, we took a look at the evolution of connected technology in vehicles, the security threats that technology poses, and why fleets could potentially make for prime targets for hackers.
So what steps can fleets take in order to protect themselves?
Defending Your Fleet
While currently there is no such thing as Norton Anti-Virus for automobiles, there are some measures that can be taken to mitigate the chances of being hacked.
In March of 2016, the FBI released a PSA regarding vehicle hacking risks and provided some best practices for your connected car such as:
- Ensuring that vehicle software is up to date
- Verifying any recall notices received
- Checking on the vehicle manufacturer’s website to identify whether any software updates have been issued by the manufacturer
- Avoiding downloading software from third-party websites or file-sharing platforms
- Where necessary, always using a trusted USB or SD card storage device when downloading and installing software to a vehicle.
- Checking with the vehicle dealer or manufacturer about performing vehicle software updates.
- Exercising caution when making any modifications to vehicle software
- Maintaining awareness and exercising discretion when connecting third-party devices to your vehicle
- Being aware of who has physical access to the vehicle
It’s also critical to get in the habit of un-pairing your mobile device from any vehicle that you don’t own, such as a rental car, or a vehicle that you’re selling. Often times, crimes are committed out of opportunity. If you leave your device paired to a vehicle, it becomes an easy target for a hacker to compromise the system and obtain all of the data on that device.
In the event that you suspect a vehicle has been hacked, the FBI suggests to:
- Check for outstanding recalls and vehicle software updates
- Work with the vehicle manufacturer or dealer to determine whether the vehicle has been hacked
- File a Vehicle Safety Complaint with the National Highway Traffic Safety Administration
- Contact the FBI
The Future of Vehicle Security
Cyber security is a never ending game of cat and mouse. As hackers reveal flaws, security experts race to patch the vulnerabilities, only for the cycle to repeat itself again and again. But with the stakes so high, manufacturers, ethical hackers, and cyber experts will have to be proactive in developing counter-measures and response plans.
The development and implementation of security features such as iris scanners, fingerprint readers, and other biometric monitors will go a long way towards keeping unwelcomed persons from physically breaching your connected car and possibly attaching a malicious device.
On the back end, the continual adaption of over-the-air updates for connected vehicles will play a key role in preventing a wireless breach, as well as mitigating the impact should a breach occur. Like your iPhone, vehicle manufacturers will have to continually monitor their systems and issue firmware updates when necessary. Unlike recalls for physical defects, over-the-air updates can be seamlessly pushed to vehicles without a trip to the dealership, thus ensuring that all potentially vulnerable vehicles are updated.
The advancement in automotive technology is a wonderful thing. From semi-autonomous capabilities, to Wi-Fi hot spots, and advanced safety features, today’s vehicles are jam-packed with a plethora of amazing features. But as technology advances, so do the challenges. Unfortunately, there is no magic cure-all that will plug every potential vulnerability of a connected car. However, with continuous research and planning, there’s no doubt that security experts will be able to significantly diminish the risk of an intrusion.