Cybersecurity Threat To Connected Vehicles Threatens Auto Industry

LIVONIA ? The cars cranked out by Detroit automakers these days are loaded with computers all connected to mobile services that lets drivers plug-in a myriad of apps. But the downside of this digitization driving experience is today?s cars also have become a target of opportunity for hackers seeking to harvest a cornucopia of highly vulnerable personal information.

This cybersecurity threat was the focus Tuesday of a breakfast briefing by the Center for Automotive Research. The huge crowd of 220 registered attendees ? the second largest to attend any CAR breakfast briefing ? provided proof that the hacking threat has become a major concern among auto industry executives.

?Why hack a car,? asked panelist Annja Sonalker, Lead Scientist and Program Manager, Battelle. ?Cyber criminals are looking for scale. Cars are talking to cars. The connected car is a springboard to get into our infrastructure.?

For instance, a driver could use his Bluetooth network to connect his smart phone to check his bank balances. A hacker could load malicious code into the vehicle that then harvests the driver?s bank log-on and password, Sonalker said.

The vulnerability will only get worse. Today?s cars have about 100 million lines of computer code. In a few years, code will triple to 300 million lines, what with packing even more computers and computerized devices into cars, as well as connecting one vehicle to another or to what will become smart connected highways.

?If we don?t solve the cyber question, the rest of our future is in jeopardy,? said Andrew Brown Jr. – Vice President & Chief Technologist, Delphi. ?We?ll have 50 percent more vehicles on the road in the next 10 years. Connected vehicles will be a big part of it.?

Right now, the latest cars have 16 to 18 hackable points, said Praveen Narayanan – Research Manager, Automotive & Transportation, Frost & Sullivan. Bluetooth, and USB ports, both are easy access points today because of the lack of cybersecurity protection.

Then there?s the supply chain, said Brett Hillhouse – WW Engineering Solutions Executive, Internet of Things, IBM.

?Malicious code downstream could infect the entire network,? he said.

Hillhouse said car vulnerabilities rank right behind aerospace and medical devices. What is needed to shore up the holes is the same technology used in smart cards. Technology used in other industries that are more secure needs to be adapted for cars, he said.

?The question becomes security at what level? How much can the car buyer afford??

All the speakers agreed the auto and computer industries need to come together to develop comprehensive cybersecurity standards that would be consistently applied across all vehicle lines. Today some 25 different vehicle cybersecurity standards are in place.

To view each speakers? slide show and read their prepared remarks, Click on CarGroup.Org