Industry's right to fear hackers [sponsored]

In this article: The connected autonomous vehicle revolution creates a need to increase cyber security skills in dealerships

As we embrace increasingly connected cars and look forward to a world populated by autonomous self-driving cars, we’re naturally concerned about the potential of cyber hacking of cars’ control systems with potentially devastating consequences. Are we moving into a world where hackers are just as likely to try hacking our cars as our PC or cloud data?

The global market for connected cars is expected to exceed 125 million passenger cars worldwide within the next two years, according to Counterpoint Research’s Internet of Things Tracker service, which also notes that Mercedes-Benz, BMW, Audi and General Motors are currently leading the charge to embed connectivity into their cars.

Driving connectedness

The EU’s eCall regulation is further stimulating connectedness. Indeed, it demands that all new EU-manufactured cars are equipped with the technology from April 2019. In the event of a serious accident, your eCall facility automatically dials 112, Europe’s single emergency number.

Many of today’s new cars also have connected digital infotainment systems, onboard diagnostics (OBD) and telematics systems all collecting information about the car’s running status, overall vehicle health and fuel economy, even logging the driver’s driving-style, offer multiple routes into a car’s controls systems for a hacker.

The latest cars have more than 30 electronic control units or ECUs. These tiny digital brains have at least partial control over everything from steering and braking to suspension settings and throttle inputs. The problem is, anything controlled by computers is hackable once it is internet-connected. We’ve already seen some serious, although not thankfully malicious, car cyber-attacks hit the headlines around the world.

Olympus has fallen

A group of Chinese security researchers were able to hack a Tesla Model X , allowing them to turn on the brakes remotely, open and close the doors and boot while blinking the lights in time to music streamed from the car’s radio — an effect they dubbed “the unauthorised Xmas show.” This was a complex hack through which they were able to remotely control the car via both wifi and a cellular connection. Tesla successfully patched this issue within two weeks of it being reported.

We’ve also had Charlie Miller and Chris Valasek, two US-based IT engineers who managed multiple hacks of Ford and Toyota cars compromising safety systems, gaining access to brakes, cruise control, steering, parking assist as well as the remote keyless entry system.

As we move into the autonomous vehicle age, hacking becomes even more sophisticated: a very clever man named Jonathan Petit has worked out how to disrupt the LiDAR system which enables autonomous cars to build up an accurate 3D view of what’s around them. He’s effectively laid bare the techniques for turning an autonomous car into a killing machine unless major improvements are made to existing technologies being used. In the future, rapid reaction to security vulnerabilities and automatic issuing of patches direct to vehicles will be a necessity.

Dealers are not immune from this increasing cyber threat. Rapid adoption of increasingly sophisticated and networked IT systems in dealerships, together with the arrival of more connected cars on their forecourts, puts their systems in the line of fire. Dealers’ DMS, CMS, EMACS and other data-intensive IT systems hold vital information about vehicles sold and being maintained by them.

A hacker might decide that it’s easier to target these central systems. From there, they might hack into multiple vehicles on a dealer’s books - or simply steal and sell this vital vehicle data to thieves. This inevitably means dealers are going to need to beef-up their IT skills across the board, while considering cyber security as a key part of this upskilling push.

Paul Smith is a Director at Traka Automotive