The danger of car hacking is probably closer than you think


  • Connected cars are great, until they aren’t. A recent Detroit Free Press article shows that vehicle hacks are more common and dangerous than most people realize.
  • There were at least 150 auto cybersecurity incidents in 2019, part of a 94% year-over-year increase since 2016, according to an Upstream Security report.
  • Oh, and here’s one phrase we don’t like to see, although we’ll probably come across it a lot more in the future: ransomware for cars.

    It is not possible to remotely hack an unconnected car. But if you’re not driving Tautology Motors’ latest vehicle, your vehicle is likely exposed to some sort of digital intrusion. In fact, almost any car on the road today, if they can hook up, can be hacked to some extent.

    That’s the opinion of Moshe Shlisel, CEO and co-founder of GuardKnox Cyber ​​Technologies, a company that focuses on protecting vehicles from these types of attacks.

    “The more sophisticated the system, the more connected your vehicle is, the more exposure you are,” Shlisel told the Detroit Free Press. “We took any model [car] you think and we hack them through various places. I can control your direction, I can stop and [start] your engine, check your brakes, doors, wipers, open and close your trunk. “

    Shlisel isn’t the only one trying to predict and prevent hacking threats. Upstream Security released its annual Global Automotive Cybersecurity Report which lists the top cyber incidents of 2020. These included a hacker taking control of “Tesla’s entire fleet of connected vehicles by exploiting a vulnerability in the mechanism server side of the OEM “and hackers taking” full control of an OEM’s corporate network by reverse-engineering a vehicle [telematics control unit] and using the telematics connection to infiltrate the network. “

    The Free press cited the Upstream report, which states that there was a 99% increase in cybersecurity incidents (to 150) in 2019 and a 94% year-over-year increase since 2016. With more From integrated communication methods in new vehicles, to updated technologies from the air, this trend is unlikely to be reversed anytime soon.

    Ransomware for cars is coming

    All of these attacks mean that automakers need to take a proactive stance in this fight. Part of the defense strategy of automakers is to ask ethical “white hat” hackers to show them where cars are vulnerable in exchange for monetary rewards or, in some cases, jobs. The famous hacker duo who took control of a Jeep Cherokee in 2015 now work for Cruise, the autonomous vehicle subsidiary of General Motors.

    Michael Dick, CEO of C2A Security, an Israeli automotive cybersecurity company, told Free press he expects the current trend of hackers holding digital data on computers for ransom to move to cars at some point. When this happens, the driver will not be able to start their vehicle until they pay the hacker or suffer the consequences. “There is no way around this,” he said. “You’ll have to get it towed and get brand new software to start it.”

    For some transport companies, ransomware attacks have already occurred. The Upstream Security report mentions a ransomware attack on Australian transport company Toll Group, which affected 1,000 servers and 40,000 employees. And Honda was forced to shut down production in June 2020 due to ransomware attacks on factories in Europe and Japan.

    Upstream Security recommends three ways that automakers can build secure vehicles, and they are all complicated. First, safety must be part of the design of every component. Second, there must be a multi-layered cybersecurity solution that involves security defenses in the vehicle, the computer network, and the cloud. Third, automakers need to develop vehicle security operations centers “to quickly monitor, detect and respond to cyber incidents to protect vehicles, services, fleets and road users.” The ability of the auto industry to put these defenses in place will define how much drivers love their connected cars, as the risks are better understood.

    This content is imported from {embed-name}. You may be able to find the same content in another format, or you may be able to find more information, on their website.

    This content is created and maintained by a third party, and uploaded to this page to help users provide their email addresses. You may be able to find more information about this and other similar content on


    Leave A Reply