In recent years, the automotive sector has undergone several rapid changes, including connected and autonomous vehicles, advanced driver assistance systems, and smart transportation. Although they have increased driver comfort and safety, these innovations are also associated with technological challenges—especially in the areas of data privacy and cyber security. According to The Business Research Company, the automotive cyber security market size is expected to reach US$4.16 billion by 2026, growing at a rate of over 19%. The good news is that automakers are adding hardware and software for better cyber defenses. The bad news is that criminal hackers are gaining more advanced capabilities. Furthermore, there are now more attack surfaces to hack and exploit.
It is important not to undersell the scale of this potential cyber attack problem. In 2021, only 32% of all American cars were “connected,” sending and receiving data on a regular basis. By 2025, that number may top 50%. Then in another ten years, the percentage of new US vehicles that will be connected is predicted to hit 95%. This expands the cyber attack playing field from just under a third of all new vehicles to almost all new vehicles.
Types of Attacks
One clear trend is the growth of remote hacks, which includes both web-based and nearby wireless attacks such as key-fob hacks. Remote hacks make up the majority, now accounting for about 85% of attacks. Upstream, a cyber security and data management platform, revealed that cyber attacks on cars have soared 225% in the last three years. They found that the most common automotive cyber attacks saw a data or privacy breach, followed by car theft or a break-in via the car’s wireless key fob mechanism.
“Without effective cyber security, everything from the infotainment system to the engine control unit is at risk. The issue is that the move toward connected, autonomous vehicles is outpacing automotive cyber security measures and regulations,” explained Charles Griffiths, Head of Technology and Innovation at IT of website AAG. Once carjackers enter a car with a cloned key, they can hack the engine control unit to turn the engine on and drive away. For cars in motion, hackers can tamper with settings like the auto brake or steering, potentially causing a serious accident.
Upgraded Technology Comes with New Threats
The push towards more sophisticated levels of autonomy in the automotive sector is a challenge for security. Adding data-exchange and GPS signal-guidance to vehicles benefited drivers, but the extra technology increases the potential for significant cyber attack. Signals and data are weaknesses that we have intentionally introduced into vehicles in the last 20 years in favor of end-user benefits. And so far, these benefits have massively outweighed the risks.
Signal attack vectors are predicted to narrow over the next 20 years—making it harder for attackers and safer for drivers. Data interchange density problems and security weaknesses still exist, making vehicles the next version of the email hack (where there is unsecured data, there is money to be made from stealing that data). Currently, the responsibility for ensuring any such hack is unsuccessful is split between the individual vehicle component manufacturers, the overall vehicle manufacturer, and the seller of the vehicle. With the responsibility net unclear, unhardened security, and a vast array of potential data-targets, you have near perfect conditions for hackers.
Changing How We See Vehicles
Many technology-savvy people are very protective of their data. They’ll install the most impressive data security they can afford on their computer system, monitor their credit cards for fraud, and take other security measures. However, historically, people haven’t needed to think of their cars as a data-risk. As such, there isn’t a huge demand for ruggedized data security in vehicles. The connected car changes the very nature of what a car is, and mitigation of data-theft from connected cars has yet to mature. Until it does, high security is likely to remain a paid-for add-on for the foreseeable future.
Focus on Automotive Cyber Security
As the automotive industry continues to produce connected and autonomous vehicles, there is a need to better understand the safety and security of this technology. Automotive Cyber Security: Protecting the Vehicular Network is a five-course program that aims to foster the discussion on automotive cyber security solutions.
Contact an IEEE Content Specialist today to learn more about getting access to these courses for your organization.
Interested in the course for yourself? Visit the IEEE Learning Network.
Resources:
Bradley, Tim. (28 June 2022). Cyber attacks on cars up 225 percent: how hackers could be targeting your vehicle. Express.
Fyler, Tony. (21 July 2022). Cyber-Attack Vectors in the Automotive Sector – Part 1: Signal Attacks. TechHQ.
Fyler, Tony. (21 July 2022). Cyber-Attack Vectors in the Automotive Sector – Part 2: Data Attacks. TechHQ.
FWM. (August 2022). Evolution of the automotive sector – data privacy and cyber security. Financier Worldwide Magazine.
Juliussen, Egil. (29 June 2022). Automotive Cybersecurity: More Than In-Vehicle and Cloud. EE Times Europe.
Liao, Rita. (25 July 2022). Real Driverless Cars Legal in China’s Shenzhen. TechCrunch.
MRH. (27 July 2022). Smart Transportation Market Segments, Opportunity, Growth and Forecast by End-use Industry 2022-2030. This Is Ardee.
Straits Research. (25 July 2022). Advanced Driver Assistance System Market Size is projected to reach USD 57.90 Billion by 2030, growing at a CAGR of 18.3%. GlobeNewswire.
TBRC Business Research Pvt Ltd. (20 July 2022). Automotive Cybersecurity Global Market to Grow at Rate Of 19% Through 2026. EIN Newswires.
No comments yet.