In the Future, Internet-Connected Car Security Is Only Getting Tougher

The rapidly developing world of self-driving cars will create an entirely new form of life in major cities across the world: Cars will be able to interact with each other and with their surroundings, creating massive amounts of data that can help solve traffic problems or, analyzed incorrectly, make everything worse. And don’t get me started on the security problems.

Cloud Security Alliance is on the job: Their Internet of Things (IoT) Working Group has just release the first-ever research report on connected vehicle security. In addition to outlining almost 20 different attack vectors and their impact on a driver or vehicle, the report offers plenty of recommendations for how to best secure a connected vehicle in an environment full of them. The report is just out today. Here are the highlights.

The Risk Factors

CSA sees four main predictions about the connected vehicles (CVs) of the future:

  • CVs will operate while communicating with both legacy and modernized traffic infrastructures and their sensors.
  • Traffic Management applications and vehicles will interact with cloud services using a mixed set of transport protocols (RF/ WiFi, etc).
  • OEM and 3rd party applications will be installed on vehicle platforms and traffic infrastructure components to provide enhanced capabilities.
  • CVs will integrate with the IoT ecosystem to support vehicle integration with smart homes and smart businesses.

The bottom line: A fully connected IoT future is practically a sure thing, and that means cars will have far more security concerns. It’s easy to mess up and tough to get right.

Emphasize Open Standards

New car features can allow owners to start their vehicle remotely, track its location, and even ask it to give information about its last trip. To properly secure these abilities, car tech should operate on openly acknowledged standards that will allow everyone to enjoy the benefits of quality control.

“The tie-in to a product like the Amazon Echo means that a consumer can, in some circumstances, start his or her car with a voice command to a smart home product. Locking down this command and control capability across all of the disparate components involved — smart home product, mobile app (x2), communications channel, vehicle platform — should be a focused and coordinated effort on behalf of the automobile and tech industries, with an emphasis on open standards.”

CV tech has already been studied by researchers, the report notes:

“1.4 million cars and trucks were recalled by Fiat Chrysler in June 2014, followed by the recall of an additional 8,000 Jeeps (2015 Renegades) due to address remote hacking concerns. Fiat Chrysler is not the only car manufacturer having experienced hacks of their CV ecosystem: in August 2015, researchers managed to take control of a Tesla Model S and turned it off at low speed. Fortunately, Tesla quickly and remotely delivered software updates to fix the issue. In September 2016, a remote attack was discovered through the Tesla Bug Bounty Program.”

The report gets deep into the weeds, offering a comprehensive list of the specific pain points a CV developer should be aware of in order to keep the future of our road relatively secure.

Could the potential security problems be basically what happened in the last Fast and Furious movie, when a hacker took over hundreds of cars in the middle of New York City? Probably not. But let’s not even get close to that.

Did you find this article helpful? Click on one of the following buttons
We're so happy you liked! Get more delivered to your inbox just like it.

We're sorry this article didn't help you today – we welcome feedback, so if there's any way you feel we could improve our content, please email us at contact@tech.co

Written by:
Adam is a writer at Tech.co and has worked as a tech writer, blogger and copy editor for more than a decade. He was a Forbes Contributor on the publishing industry, for which he was named a Digital Book World 2018 award finalist. His work has appeared in publications including Popular Mechanics and IDG Connect, and his art history book on 1970s sci-fi, 'Worlds Beyond Time,' is out from Abrams Books in July 2023. In the meantime, he's hunting down the latest news on VPNs, POS systems, and the future of tech.
Explore More See all news
Back to top
close Building a Website? We've tested and rated Wix as the best website builder you can choose – try it yourself for free Try Wix today