While we close out 2022 and head into 2023, there is a significant lesson that we need to make sure to take with us. Cars are vulnerable to cyberattacks. As Tim Starks writes for the Washington Post’s Cybersecurity 202, “In an increasingly internet-connected industry with electric cars and autonomous vehicles also poised to carve out a bigger share of the marketplace, and with few government requirements on the books, those risks aren’t likely to subside soon.” So, if you’re an automotive manufacturer, cybersecurity should be at the top of your strategy list for the new year.
SiriusXM Vulnerability Highlights the Need for Cybersecurity
If you’re still wondering why cybersecurity needs to be a priority, look to the recent example of SiriusXM. The Hacker News reports that researchers discovered a vulnerability exposing cars made by Honda, Nissan, Infiniti and Acura to breaches via connected devices attached to SiriusXM. If taken advantage of, the flaw could be used to unlock, start or even honk the horn of the vehicle. Essentially, all a hacker would need to do is access the identification number. Why is this such a concern other than the obvious danger of being able to remotely control a car? SiriusXM’s Connected Vehicles (CV) services are estimated to reach more than 10 million vehicles in North America alone. Luckily, patches have been released for the issue, but you can see the widespread potential of such a cybersecurity problem.
Europe’s Response to Automotive Cybersecurity
One region that has really turned their attention to the impact of automotive cybersecurity is Europe. For instance, Europol, the European law enforcement agency, targeted and charged a cybercriminal group for running a keyless car hacking campaign. Europol explained that the ring used a misleading tool “to replace the original software of the vehicles, allowing the doors to be opened and the ignition to be started without the actual key fob,” as reported by the Washington Post.
In Sweden, the state-owned research institute RISE announced that it was launching a cybersecurity program providing a space for vehicle testing. The initiative, also known as The RISE Cyber Test Lab for Automotive, aims to work with the industry to try out the latest cyber technologies that stem from sources such as international telecommunications experts and ethical hackers. The insights gathered are meant to help manufacturers navigate areas, including digital twins, embedded software in vehicle units (ECU) and cloud-based vehicle software, according to EE News Europe.
Automotive Cybersecurity in 2023
It obviously isn’t just Europe that needs to develop approaches to ensuring that cars are made with cybersecurity measures intact. This needs to be a mission here in the U.S. and across the globe. As innovations, regulations and other plans ensue, let Dellfer help you. Reach out to learn how we can assist you in setting up your operations to uphold automotive cybersecurity in 2023.
- “Cars face cyber threats too” – Tim Starks, The Washington Post’s The Cybersecurity 202
- “SiriusXM Vulnerability Lets Hackers Remotely Unlock and Start Connected Cars” – Ravie Lakshmanan, The Hacker News
- “Sweden opens advanced automotive cyber security centre” – Christoph Hammerschmidt, EE News Europe