Cybersecurity in Connected Vehicles Becomes Safety Feature for New Cars
February 01, 2018
Lead Tech Analyst
New car firms such as Tesla are promoting increasingly high-tech features that require a connection to the internet, which has propelled cybersecurity in connected vehicles forward as a major safety feature. Last year, Chinese security researchers from Keen Security Lab successfully managed to hack a Tesla Model S from 12 miles away. By focusing on Tesla’s on-board software, the hack targeted the car’s controller area network, or CAN bus, which connects the chips found inside the cars. In this hack, the Model S P85 and Model 75D were targeted. Tesla continued to make news in 2015 for safety concerns in cybersecurity of connected vehicles. In November 2016, security personnel from the Norwegian company Promon were able to use the Tesla’s Android app as an entry point to successfully hack the vehicle. What’s more, using the features in the app, the hackers were able to locate the vehicle, unlock it and drive away unhindered.
As GM CEO Mary Barra said in a keynote speech, “A cyber incident is a problem for every automaker in the world. It is a matter of public safety.” As Tesla, GM and many others continue to release connected vehicles, the dangers of cybersecurity are very real. In fact, more than half of the vehicles sold today are connected and vulnerable. This threat will only grow as manufacturers begin to release autonomous vehicles.
Cybersecurity in Connected Vehicles and Mobile Applications
While gaining access to, and being able to control or steal, a vehicle such as a Tesla is disturbing enough, it raises several concerns about not only cybersecurity in connected cars, but also the mobile applications that extend the features of these vehicles and others. In fact, mobile apps are quickly becoming the main target for malicious behavior. Over the last four years, there has been a 188 percent increase in the number of Android vulnerabilities and a 262 percent increase in the number of iOS vulnerabilities. In addition, according to Gartner, 75 percent of mobile apps would fail basic security tests.
Digging deeper, Veracode found that four out of five applications written in PHP, Classic ASP and ColdFusion failed at least one of the OWASP Top 10, implying that many web-based applications and websites contain security vulnerabilities. More than 80 percent of mobile apps on both the Android and iOS platform revealed cryptographic implementation issues. This attempt to protect and then doing it poorly highlights the importance of updated training and tools to aid these feature developers as they target secure and protected applications.
Recently, Android malware has become more stealth. Last year, in 2015, malware began to obfuscate code to bypass signature-based security software. Despite Google’s response to critical vulnerabilities and patches of critical issues in the Android OS, end users are still dependent on device manufacturers for these updates.
Tesla and other automobiles today can have the computing power of 20 personal computers and feature 100 million lines of programming code. While features such as web browsing, Wi-Fi access points and remote-start mobile phone apps, help to enhance the enjoyment of the vehicle, they also add more opportunities for advanced attacks. In real life, thieves are hacking keyless entry systems in the UK to steal cars, meanwhile, software recalls have doubled within the past year, and soon they will match mechanical recalls.
The mobile application industry is pushing forward a new level of interoperability that will require heightened security and privacy measures. App developers are in a position where they can reduce the number of vulnerabilities before the app ships. Auto manufacturers are also prioritizing cybersecurity in connected vehicles as a major safety feature to compete with features requiring connectivity.
This article originally appeared on Intertrust.com
Read more about how Intertrust’s suite of products helps automobile manufacturers address privacy and security in the age of the connected car.
Sign up for Analysis on the Best Tech Stocks
I’m an industry insider who writes free in-depth analysis on public tech companies. In the last 12 months, I predicted Facebook’s Q2 crash, Roku’s meteoric rise, Uber’s IPO flop, Zoom’s IPO success, Google’s revenue miss and more. Be industry-specific. Know more than the broader markets. Sign up now. I look forward to staying connected.
If you are a more serious investor, we have a premium service that offers institutional-level research and entry/exit options. This membership offers a competitive edge in identifying growth opportunities and reducing risk in the tech sector. Learn more here.
More To Explore
How Driverless Cars will put Mobile Security to the Test?
As GM CEO Mary Barra said in a keynote speech, “A cyber incident is a problem for every automaker in the world. It is a matter of public safety.” As Tesla, GM and many ...
Why We’re Skipping Coinbase and Prefer Voyager Digital: Overview of Crypto Trading
Voyager Digital is a smaller cap that gives investors exposure to the Bitcoin and crypto trading trend at a reasonable valuation.
Top Tech Stock News: 7 Things You Missed This Week (13-Sep-2019)
Uber Announces New Layoffs Amidst Financial Difficulties
Who is Responsible for the Data Security of 50 Billion IoT Connections?
This article originally appeared on IAPP.org, the International Association of Privacy Professionals. “No matter what happens, don’t panic,” were the words used by hack...
Momentum List: September 2020
This is the inaugural momentum list report written by David Marlin. We will release this report on a monthly basis.
The path to profitability for Uber and Lyft looks more like a dead end
The ride-sharing companies are subsidizing rides and overspending on technology, and soon their very business model may be upended in California.
Will Bitcoin Make a Good Investment? Part 1: Institutional Adoption
The largest bitcoin conference in the world took place last month in San Francisco with many early pioneers discussing why bitcoin has made a good investment for them a...
Autonomous Vehicles: Fact vs. Fiction at CES 2019
Robot dogs from Continental prove that autonomous vehicle hype has gone too far. At CES 2019, Continental announced a way to automate last mile-delivery without requiri...
CES 2019 – AI Assistants Are Multiplying, Are We Privacy-Ready?
To experience CES this year was to experience the sensation of exiting a large football stadium. You essentially walk in a continuous herd of over 180,000 people. There...
GM Stock Risky Due to Autonomous Vehicle Bubble
This week, General Motors Company cut more than 14,000 salaried staff and factory workers with plans to close seven factories worldwide in what Bloomberg calls a “sweep...