Top 5 Security Risks for Connected Cars
June 13, 2018
Beth Kindig
Lead Tech Analyst
The global market for connected cars will grow by 270% by 2022 with 125 million passenger cars expected to ship worldwide between 2018 and 2022.1 By 2020, it’s estimated that UK, France and Germany will reach 100% connected car penetration. Growth in the European region is due to the eCall mandate which requires new cars to automatically dial the 112 emergency number in the event of a serious accident.2 While North America and Europe lead in the highest percentage of shipments, China accounts for 32% of shipments.
The list of connected features enjoyed by consumers that add more opportunities for security attacks include streaming radio, Wi-Fi access points and remote-control mobile phone applications. However, with these conveniences comes responsibility. The recent death of a woman in Arizona who was struck by an Uber in autonomous mode has put a spotlight on what can go wrong in connected vehicles as manufacturers seek to introduce more high-tech features to remain competitive to car buyers. Not surprisingly, 68% of Americans are fearful of cars with self-driving features.3
The increasing number of smart features built into cars opens door to a serious threat – hacker attacks. Because connected cars are linked with the Internet and its crucial parts are interconnected over a network, adversaries have the potential to remotely access and manipulate the data being exchanged leading to a number of problems, such as leaked personal information, overcoming vehicle’s security mechanisms, or even full remote control of the car.
Threats to the Connected Car
Innovative automakers, software developers, and tech companies are transforming the automotive industry. Drivers today enjoy enhanced entertainment, information options and connection with the outside world. As automobiles move towards more autonomous capabilities, the stakes will raise in regards to security. Even if cars are not entirely driverless, the functions will become increasingly dependent on applications, connectivity, and sensors. Vehicle-to-vehicle (V2V) and Vehicle-to-Infrastructure (V2I) allow the car to communicate with other cars and infrastructure such as traffic lights. Vehicle speed adjustments, telematics, and AI voice recognition and interfaces will become common features.
The rapid increase of these technologies inevitably creates the risk of hackers gaining access and control to the essential functions and features of those cars and utilizing information on drivers’ habits for commercial purposes without the drivers’ knowledge or consent.
Here are some of the risks for connected cars:
- Stealing personally identifiable information(PII): Today, sensors generate 25 GB of data per hour and this is expected to double considering there will be 200 sensors installed in connected cars by 2020 up from 100 sensors in 2015. Once autonomous vehicles become mainstream, the 17,600 minutes Americans spend driving annually will equate to 300 TB of data per year.4 Financial information, personal trip information, location information and entertainment preferences are just some examples of PII that can potentially be stolen through a vehicle’s system.
- Connection security: Like other connected devices, vendor implementation flaws are often exploited by researchers for proof-of-concept attacks. However, it is inevitable that these will be followed by real life attacks. The current poor state of security on connected cars creates a tempting target for cyber criminals.
- Manipulating a vehicle’s operation: Catastrophic incidents resulting in personal injury and lawsuits may be in the near future. Well-known cybersecurity researchers Charlie Miller and Chris Valasek have demonstrated several proof-of-concept attacks where they were able to control the braking and steering of a car by accessing the adaptive cruise control system.5 Although costly and with a lower likelihood than data breaches and unauthorized entry, this sort of attack has now been proven possible to a global audience.
- Unauthorized vehicle entry: Car thieves now have a new way to gain entry into locked vehicles. Many vehicle technologies have opted to replace physical ignition systems with keyless systems using mobile applications or wireless key fobs. These new access mechanisms mean that methods of obtaining illicit entry include intercepting the wireless communication between the vehicle and the mobile application or between the wireless fob and the vehicle to gain entry credentials, among other methods. The New York Times has documented methods such as wireless key emulation devices and “power amplifiers” that increase the range of the wireless signal looking for the entry credentials. If the owner is in a house or other location close to the car, criminals can then gain entry when their wireless fob responds.6
- Mobile application security: As more automobile manufacturers release mobile applications that communicate with cars, mobile applications are quickly becoming a major target for malicious behavior. One example of a flaw in a mobile application happened when Nissan had to pull its NissanConnect EV application for the Nissan Leaf.7 The poor security of the application allowed security researchers to connect to the Leaf via the Internet and remotely turn on the car’s heated seating, heated steering wheel, fans and air conditioning. In an electric car, this meant the possibility a malicious actor could drain the battery of an unsuspecting owner. Mobile applications themselves can be vulnerable in a number of ways. According to Gartner, 75% of mobile applications would fail basic security tests.8 Mobile operating systems themselves are a source of concern—over the last four years, there has been a 188% increase in the number of Android vulnerabilities and a 262% increase in the number of iOS vulnerabilities.9
Gains of up to 403% from our Free Newsletter.
Here are sample stock gains from the I/O Fund’s newsletter --- produced weekly and all for free!
+344% on Nvidia
+403% on Bitcoin
+218% on Roku
*as of March 15, 2022
Our newsletter provides an edge in the world’s most valuable industry – technology. Due to the enormous gains from this particular industry, we think it’s essential that every stock investor have a credible source who specializes in tech. Subscribe for Free Weekly Analysis on the Best Tech Stocks.
If you are a more serious investor, we have a premium service that offers lower entries and real-time trade alerts. Sample returns on the premium site include 324% on Zoom, 601% on Nvidia, 445% on Bitcoin, and 4-digits on an alt-coin. The I/O Fund is audited annually to prove it’s one of the best performing Funds on the market with returns that beat Wall Street funds.
More To Explore
Newsletter
Where the Market is Headed Next
When the market was selling tech last year, the I/O Fund was buying AI leaders. For example, from September 2021 through January of 2023, we initiated 9 buy alerts for NVDA below $210. The last two al
Apple Bets On The Emerging Markets Growth Story
The smartphone market continues to be hit hard in q1, with prices down 20% and shipments down 13%, according to Canalys. Despite double digit decline across the industry, Apple delivered marginal grow
Nvidia Will “Still” Surpass Apple’s Valuation
My coverage on Nvidia as an AI leader began in 2018 (yes, really – five years ago). Since then, I’ve covered the AI microtrend for this specific stock 27 times on my research site, which is the equiva
FAAMG Stocks Trading At Precarious Valuations
The mega-cap stocks that are known as FAAMG reported earnings recently. These names are driving the market higher, especially Microsoft and Apple. In fact, the percentage of Microsoft and Apple’s comb
Apple’s Stock In Focus: More Profitable Than Banks
Investors looking for the “next big thing” will point toward companies like Stripe, Sofi or Square as the leading fintech stocks. Meanwhile, the next big thing to disrupt the financial sector may be s
This Stock Price For Netflix Is A “Buy” For 2023
In April of 2022, Netflix surprised the markets by reporting its first subscriber loss in nearly 10 years. The stock tumbled 35% the following day, as investors panicked. Famed hedge fund manager, Bil
Where the I/O Fund Holds Cash When Banks Keeps Failing
Amidst the growing skepticism in our banking sector, we thought it would be helpful to introduce an alternative way to both protect and diversify one’s assets. The information below discusses a method
Tesla Stock: What You Need To Know About Q1 Earnings
Two months ago, we wrote that after realizing gains of 31%, it was time to take a time out on Tesla at the $208.31 price when our firm stated: “Right now, our technical analysis is at odds with our fu
Bitcoin Vs Banks: Here's Where the Price Goes Next
The recent decoupling of Bitcoin from equities, we believe, is the start of a new uptrend that appears to be inversely correlated to the financial sector. The financial media would have us believe tha
Official Press Release: I/O Fund’s Cumulative Returns Double the Nasdaq Following a Tough 2022
Actively managed portfolio and research site announces its largest cumulative lead over institutional all-tech portfolios. The I/O Fund defies a challenging market, outperforming peers and providing i