Smart Car Cybersecurity Considerations

Just as our phones, homes, and nearly every other aspect of our lives have become smarter in recent years, technological advancements have made smart cars a reality for us today. Vehicles have been gradually getting upgraded with more necessary and luxury applications of technology such as seatbelt and airbag improvements as well as lane assist and blind-spot detection. Cars are considered “smart” when their technology goes beyond these widely used features and gets into the space of AI. AI, or artificial intelligence, allows these smart cars the ability to do far more than Carl Benz or Henry Ford could have ever imagined the simple gas-powered vehicles created in the late 1800s would become.

Tesla is often the brand of car that comes to mind when we think of a smart car, partly due to the fact that the display in the middle of the dashboard is a whopping 17 inches on certain models. This is also due to advancements in the vehicles’ driving capabilities as well. Tesla boasts two major levels of AI technology for a driver when it comes to the actual act of driving that distinguish it from other cars - obstacle aware acceleration and full self-driving capability. Obstacle aware acceleration does exactly what the name implies - it detects any physical objects in front of the car (when driving at lower speeds) and automatically reduces acceleration forward upon finding anything in the car’s path. Tesla is also one of the companies offering full self-driving capability for drivers - this technology does require a person to be paying attention to what is going on in the driver’s seat, as accidents can happen, however, this is the closest we have come to seeing the car take the brunt of the work when it comes to steering and speed control. 

Though at the high end of many drivers’ price range, smart vehicles are slowly becoming more and more widely adopted by individuals to the point that, in many cities across the country, it is not uncommon to see plenty of them out and about along with charging stations popping up. As with the many other areas of our lives where technology has been injected in a major way, the issue of cybersecurity has become something that needs to be considered. “With technology comes hackability” – in 2015, cybersecurity experts put this sentence to the test by remotely hacking a Jeep Cherokee that was going 70 mph down a highway! Since then, manufacturers have tried their best to prioritize cybersecurity when it comes to implementing smart technology in cars; however, there are still concerns. Among the top concerns for cybersecurity and cars are:

• Keyless & Remote Start Car Theft – One of the biggest threats to smart cars is related to a feature of these cars that is considered attractive by many individuals in their car searches - the keyless entry into the car. This feature allows the driver to gain entry into the car just by standing near it with a key fob in their pocket. While this has been more widely-adopted by numerous brands, some newer models of cars have a feature that goes one step further. Remote Start, like that seen in Honda’s HondaLink, allows a car owner to not only unlock but start their car from up to 1,000 feet away. This means you can warm your car on a cold winter morning without trekking out in the cold first or getting the vehicle cooling off instead of hopping into a baking hot car. However, both of these features also pose threats as they are vulnerabilities that hackers and criminals alike can take advantage of. The physical threat of starting your car from afar means it is unattended, and though a car won’t drive off without the key, criminals can access the inside of your car and have the potential to hot wire it if your key is not inside. Hackers can also take advantage of remote start technology, especially the aftermarket add-on versions which will allow them to take the vehicle itself.
• Brute Force Attack – A brute force network attack occurs when hackers just keep trying different usernames and passwords over and over again until they crack the code. This type of attack has become prevalent in the automotive industry not only against smart cars themselves but also against the manufacturers and dealerships. The reason these folks are so highly targeted is primarily due to the financial data that they collect from users and consumers. 
• EV Charging Station Exploitation – Electric vehicles are some of the “smartest” cars out there today. While these vehicles usually allow for some gas consumption like normal cars, they primarily rely upon electric power to operate. Charging stations are becoming more and more commonly seen across the country, and these are essentially like gas stations for the electric vehicles but rather than filling up with gas, these drivers replenish their car by plugging it in at charging stations. However, there is a vulnerability posed when charging your vehicle while out and about as opposed to being at home; when you plug your electric vehicle into the charging station, data transfers between the car and the station, so the company which owns the charger has the ability to gain access to any of this data. This leaves an opportunity for cybercriminals to step in and attack this connection, just as they can with other data transfers in the cyber realm.

Smart cars are seen as the future of the automotive industry, and while they are quite exciting, it is clear that cybersecurity needs to be a high priority when it comes to creating these modern vehicles in order to keep the drivers and the entire industry safe.

‍

Image by jcomp for Freepik. 

‍