Connected Cars Vulnerable to Mass Cyber Attacks

Photo via Wikimedia Commons.

Consumer Watchdog, a nonprofit group has issued a report with the help of car industry technologists that explains the issues that may arise with car and consumer safety as internet connected vehicles become widespread.

The report titled, “Kill Switch: Why Connected Cars Can Be Killing Machines and How to Turn Them Off,” explains the high susceptibility of malicious hacking that may occur if automakers do not act.

The report warns that many automakers may be withholding information and keeping consumers in the dark about critical safety issues that may arise with internet connected vehicles. It also adds that the results of malicious hacking can end in catastrophe to the degree of the 9/11 attacks. 

"Allowing consumers to physically disconnect their cars from the Internet and other wide-area networks should be a national security priority," said Jamie Court President of Consumer Watchdog. "If a 9/11-like cyber-attack on Americans cars were to occur, recovery would be difficult because there is currently no way to disconnect our cars quickly and safely. “

Consumer Watchdog's report recommends that, as soon as possible, every connected car come with an Internet kill-switch that physically disconnects the Internet from safety-critical systems. It concludes that future designs should completely isolate safety-critical systems from infotainment systems connected to the Internet or other networks.

More than 20 car industry insiders took part in generating the report and touched on several topics related to consumer safety and the vulnerabilities of these vehicles.

Many of the topics included are:

  • Vulnerability of internet connected vehicles.
  • Americans roads will soon be connected to cars’ safety critical system.
  • Smartphone technology for cars is not made with car safety in mind.
  • Connected cars have suffered more than half a dozen high-profile hacks in recent years.
  • The car industry ignores security holes.
  • Car hacking demonstrations to date have always focused on a single vehicle, but the networked nature of connected cars creates numerous avenues for a fleet-wide attack.
  • Car makers often do not know the origins of the software they use, nor their true risks.
  • Consumers are driving cars whose systems run on unfinished and under-tested software.

"Connecting safety-critical systems to the Internet is inherently dangerous design," said Court.  "American car makers need to end the practice or Congress must step in to protect our transportation system and our national security."

Read the full report here

Originally posted on Automotive Fleet