Connected Cars Vs. Cybercrime: Tough Fight - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Government // Cybersecurity
09:06 AM
Connect Directly

Connected Cars Vs. Cybercrime: Tough Fight

Automakers should consider adding real-time intrusion detection and response capabilities, National Highway Traffic Safety Administration says.

9 Innovative Products: Designers Of Things Conference
9 Innovative Products: Designers Of Things Conference
(Click image for larger view and slideshow.)

The sophisticated electronic components that are making modern cars safer, greener, and smarter are also making them dangerously vulnerable to cyberattacks.

Dealing with the threat will require automakers to think beyond typical preventive security measures such as encryption, strong authentication, and system segmentation, the National Highway Traffic Safety Administration (NHTSA) said in a report this week.

The report, and two others also released this week, summarizes the NHTSA's research on the security risks raised by the introduction of increasingly complex electronic components in modern cars.

It advocates the need for automakers to consider integrating real-time intrusion detection and response capabilities and methods for quickly extracting, analyzing, and disseminating threat data from compromised systems. Automakers and other industry stakeholders have until Dec. 8 to comment and respond to the report's findings.

[Will Twitter's lawsuit start a trend? Read Twitter Sues US Government Over Surveillance.]

"Our research across other industries indicates that prevention of cyber-threats would be impractical if not impossible," the NHTSA noted in advocating multi-layered defenses for next-generation automobiles.

The Moving Ahead for Progress in the 21st Century Act (MAP-21) requires the NHTSA to review the need for new security and safety standards for electronic systems in passenger vehicles.

As part of that effort, the NHTSA has been directed to review the security implications of new electronic components in automobiles, the interaction of electronic components with other components, and the effect of surrounding environments on the electronic systems in a vehicle.

Ford's collision mitigation system uses radar to detect, warn, and, if necessary, activate braking to help drivers avoid collisions with vehicles in front of them. (Source: Ford)
Ford's collision mitigation system uses radar to detect, warn, and, if necessary, activate braking to help drivers avoid collisions with vehicles in front of them. (Source: Ford)

As the NHTSA notes in its report, cars built after 2009 have more than 60 independent electronic control units (ECUs) in them for controlling everything from heating and entertainment systems to steering, braking, and engine-monitoring functions.

Each of these ECUs is accessible either through wired interfaces such as USBs and SD cards or wireless interfaces including Bluetooth, WiFi or near-field communications. Autonomous vehicles like Google's futuristic concept cars are likely to pack a lot more of such components.

The technologies promise to make cars a lot safer and convenient to drive. Vehicle-to-vehicle communication technology for instance, could help reduce crashes by helping drivers maintain an optimal distance from other vehicles at highway speeds.

But like other connected electronic devices, the ECUs in modern vehicles are also vulnerable to accidental or deliberate compromise and manipulation. Security and auto industry researchers fear that the wired and wireless

Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year ... View Full Bio

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
1 of 2
Comment  | 
Print  | 
More Insights
InformationWeek Is Getting an Upgrade!

Find out more about our plans to improve the look, functionality, and performance of the InformationWeek site in the coming months.

Remote Work Tops SF, NYC for Most High-Paying Job Openings
Jessica Davis, Senior Editor, Enterprise Apps,  7/20/2021
Blockchain Gets Real Across Industries
Lisa Morgan, Freelance Writer,  7/22/2021
Seeking a Competitive Edge vs. Chasing Savings in the Cloud
Joao-Pierre S. Ruth, Senior Writer,  7/19/2021
White Papers
Register for InformationWeek Newsletters
Current Issue
Monitoring Critical Cloud Workloads Report
In this report, our experts will discuss how to advance your ability to monitor critical workloads as they move about the various cloud platforms in your company.
Flash Poll