Throughout history, technological booms have ushered in new eras of evolution for us as a society. We’ve gone through transformations in our methods to carry out actions such as communicating, building and accessing information. And we have, of course, gone through many variations in how we get around. Now we find ourselves once again at a technical turning point. This time it is known as “Industry 4.0,” which has a lot in store for vehicles. But with significant shifts, there is typically a trail of elements within a system that require time and energy to catch up to the rate of change. Cybersecurity is likely that element for connected cars.
Industry 4.0 Brings Change and Growth to the Auto Industry
A major characteristic of “Industry 4.0” is the internet of things (IoT). Essentially IoT embodies the growing reliance our daily devices have on the internet. This includes anything from our phones to our home appliances to our security systems. It also increasingly includes our cars. With the rapid transition to connectivity, an article for Auto Finance News explains that the auto industry is turning from hardware-focused to software-driven pointing to the prediction that “95% of all new vehicles sold globally will be connected by 2030.” From 2020 to 2021 alone, Statista reported that the market was expected to climb from $56 billion to $65 billion. While this all presents massive benefit for the field and leaders in the development of this tech like Blackberry QNX have come together for an advisory council to ensure that it progresses in the right direction, there are still very important concerns arising.
With Tech Innovation Comes Increased Cybersecurity Concerns
One contributor to such concern is embedded devices. Embedded devices operate much in the same way as laptops according to Ang Cui’s description found at GCN, meaning that they are susceptible to malicious cyber activity like a laptop. This shows in the number of attacks that we have seen target sectors like critical infrastructure, which has expanded its own dependence on embedded devices. Despite the awareness that has stemmed from such incidents, there is still a lot of work to be done in order to meet the necessary level of protection. And as the auto industry heads toward the same trend with embedded devices, it too will need to participate in that work. For example, there needs to be a push to create these devices with security measures already built in, especially since an attack on them can cause incredible damage ranging from monetary and reputation loss to terroristic threats. But to emphasize this demand there should be something that applies pressure. That is where regulation comes in handy, a topic that we have covered before. Efforts on this front have been initiated. For example, the Biden administration and other leading agencies have addressed putting together guides for securing OT systems. Plus, UN Regulation (UNR) 155 and ISO/SAE 21434 were issued to aid in mandating the implementation of Cyber Security Management Systems in vehicles.
It’s Time to Seek Out Proactive Solutions
It certainly does not end there though. Regulation organization will likely remain key, but there are other areas that automakers should prioritize as well in the mission to upgrade cybersecurity practices. A piece for Dark Reading categorizes these into five focal categories that feature the types of threats to remain vigilant for and the emerging spaces that open the landscape to such threats – Zero-Day exploits, supply chain attacks, shared mobility, connectivity and privacy. For instance, it is suggested in the article that operators in the industry figure out how to satisfy innovations that call for information sharing while still maintaining utmost privacy. This will become particularly critical as development such as autonomous cars and taxi fleets make their way further into the mainstream.
All in all, the new generation of technology is here, and it is currently revolutionizing our cars. So, we must, in turn, continue adapting our view of auto cybersecurity. As Ang Cui wrote for GCN, “These solutions are not without effort, but without action, we are leaving it up to the nation-states and bad actors of the world to provide the motivation for change.”
Sources:
- “Connected vehicles drive new streams of revenue and insights” – Shim Mannan, Auto Finance News
https://www.autofinancenews.net/allposts/auto-finance-excellence/technology/connected-vehicles-drive-new-streams-of-revenue-and-insights/ - “How are connected vehicles becoming the next frontier in digitalization?” – Express Mobility
https://www.financialexpress.com/express-mobility/how-are-connected-vehicles-becoming-the-next-frontier-in-digitalization/2402991/ - “The next frontier in cyberwar: Embedded devices” – Ang Cui (Red Balloon Security), GCN
https://gcn.com/cybersecurity/2022/02/next-frontier-cyberwar-embedded-devices/362545/ - “Cybersecurity Takes the Wheel as Auto Industry’s Top Priority” – Yash Prakash, Dark Reading
https://www.darkreading.com/vulnerabilities-threats/cybersecurity-takes-the-wheel-as-auto-industry-s-top-priority