One in 5 cars will have some form of wireless network connection in 2020, according to Gartner. In the Internet of Things, formerly unconnected devices are wirelessly linked to the Internet in order to capture data or automate systems, and cars are now a major element of this emerging technology.
“Connected cars” are revolutionizing the automotive industry, car dealerships, and transportation landscapes. However, there has been significant media coverage exposing critical vulnerabilities in software that compromises the privacy of consumers.
What Is a Connected Car?
The concept of a connected car is, understandably, highly complicated. In-vehicle wireless connectivity creates huge possibilities for sophisticated infotainment systems, application processors, heads-up displays, graphics accelerators, and vehicle-to-vehicle communications (V2V). And this is just the beginning.
From car insurance to fuel efficiency, connected cars are going to have a huge effect on consumers. Industries are coming together in the realization that a fully connected transportation system is the future and right now connected cars are merely one step in the evolution toward fully autonomous cars.
For example, Google was able to let a car drive on its own in traffic, and other companies, like Chevrolet, are implementing WiFi in their new vehicles. According to Navigant Research’s Transportation Outlook: 2025-2050 report, self-driving cars with no driver controls probably won’t be around until at least 2025, but that’s only because road markings, signage, and GPS mapping systems need to be completely uniform and maintained first.
While the technological developments are numerous, the number one reason smart cars are advancing is to provide a safer driving environment. It’s estimated that once cars start driving themselves, traffic fatalities could be reduced 90% by 2050. But even though physical safety is the primary goal of smart cars, cyber safety has not been given the same priority.
It is critical for consumers and manufacturers alike to realize IoT cybersecurity is a growing threat to these hyper-connected vehicles. Hackers should be a huge concern for anyone with a connected car. Not only can any personal info connected to a smart car’s database be hacked, but thanks to V2V tech, these cars broadcast their position and direction at all times.
Automotive Security Holes
The automotive field is a poignant example of worst practices in security, according to several automotive experts. In the last few years, smart cars, as well as subsequent connected car apps, have been scrutinized for many things: constant recalls, safety hazards, diesel-engine tricks, etc. The reality of the matter is that manufacturers have not put much effort into protecting wireless signals, establishing built-in security standards, creating new regulations and laws, or repairing security issues with proper software updates.
These problems are not getting better either. For example, Nissan had to remove an app made for their Leaf electric car because it was easily hackable. Last year, Fiat Chrysler Automobiles issued a recall notice for 1.4 million vehicles; hackers were able to wirelessly break into cars and electronically control brakes and acceleration functions due to a software hole.
The IoT influence in connected cars is only going to deepen as more of them come online. Exposing a car to the Internet makes it vulnerable to cyberattack, thanks to poorly written software and cybersecurity that render the car unstable. Further, according to a joint investigative report by the International Data Corporation and Veracode, information on driver’s movements may be captured by the vehicle and relayed to a central network, providing yet another avenue for criminals to gain large volumes of consumer data. The protection of this information is vital, and yet cybersecurity measures remain alarmingly lax.
Best practices in cybersecurity must be implemented at every stage of the manufacturing process. Currently there is little regulation for car security, although, there have been a few slow changes. The Spy Car Act of 2015 calls for new federal standards in car security, while the SEA-issued J3601 guidelines requires security practices to be applied to the manufacturing process.
The demands for more tech available in cars grow daily, but it is important to also demand safety. Consumers should be aware of the issues involved with connected cars, as well as the security options that are available (and the ones not yet available). Automakers and consumers alike should be taking steps to verify that the vulnerabilities of the past do not continue to hinder the future—a fully equipped smart car is one that is equipped to protect drivers’ lives and their data from hackers.