Fourth Industrial Revolution

Your car might be at risk from cyberattacks

Padua, Italy volvo car cyber security hacker data smartphone cable safety

“As the technology gets greater market share, it’s critical to get ahead of the curve before there are issues we can’t rein in.” Image: Unsplash/Samuele Errico Piccarini

Caroline Brooks
Public Relations Manager, Michigan State University

There are cracks in smart car cybersecurity that leave them open to potential attack, according to new research that looks at the issue through a criminal justice lens.

“Automotive cybersecurity is an area we don’t understand well in the social sciences. While there are groups of computer scientists and engineers digging into some of the issues, the social aspects are extremely relevant and under-examined,” says Thomas Holt, professor of criminal justice at Michigan State University.

“As the technology gets greater market share, it’s critical to get ahead of the curve before there are issues we can’t rein in.”

As vehicles become smarter and more connected to WiFi networks, hackers will have more opportunities to breach vehicle systems. Connecting your smartphone through a USB port can give a hacker backdoor access to data from both your phone and your car. Additionally, Google Android users who can download apps from unverified sites are even more at-risk.

“The risk with vehicles isn’t just personal data—though that is still a real concern,” Holt says. “Say the car is compromised and a hacker alters certain alert systems that tell a driver when tire pressure is low or so the emergency brake sensory systems don’t kick in. That could lead to loss of life.”

Have you read?

Smart cars have no ‘guardian’

The new research applies a popular criminal justice framework to current forms of vehicle security and provides recommendations for manufacturers and owners to improve safety.

The theory says that in order for a criminal to act three things need to come together: a motivated offender, a suitable target, and a lack of guardian. In the context of vehicle security, he says that motivators and targets are clear, but the presence of a guardian was where vehicles fell short.

“Where we found holes was surprising: there’s no one technically responsible for these vehicles’ central computer systems,” Holt says. “The automotive and equipment manufacturers need to recognize that as it stands, they serve as the guardians in the space, and the onus is on them. They need to take the lead in thinking more critically about data flows, software vendors and how to communicate security with dealerships.”

Holt explains that in a traditional automotive context, an equipment failure would lead to a recall of the vehicle to fix the problem. However, cybersecurity is entirely different.

“It’s critical to think beyond thresholds and recalls because cybersecurity isn’t a recoverable problem, but rather one that requires constant system patching updates, installations, and new codes written,” Holt says. “This is more complicated but needs to be an active guardian process.”

Time to update?

Similar to how smartphone manufacturers release security updates, the only way to disrupt the current problem is to have guardians that are consistently, actively updating system software.

“Not everyone updates their smartphones when they’re supposed to, but customers need to realize that to a certain extent, manufacturers can only do so much. The customer must have a role in protecting their cars as well,” Holt says.

“We can’t expect every vehicle owner to go to a dealership every time there’s a security update. But once the guardians find a way to make it more accessible, they’ll be the ones responsible for protecting their vehicles—and themselves.”

Holt says that it won’t be long before all vehicles have smart capabilities. He fears that it will take too many tragic stories of accidents or breaches to get people to act.

“We need to improve the presence of software guardians and better resources; we also need to think about developing policies to protect users, vehicles, and customers,” Holt says. “There are real benefits to smart cars and autonomous features, but we need to get ahead of the risks before those benefits are lost.”

Don't miss any update on this topic

Create a free account and access your personalized content collection with our latest publications and analyses.

Sign up for free

License and Republishing

World Economic Forum articles may be republished in accordance with the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International Public License, and in accordance with our Terms of Use.

The views expressed in this article are those of the author alone and not the World Economic Forum.

Stay up to date:

Cybersecurity

Related topics:
Fourth Industrial RevolutionCybersecurity
Share:
The Big Picture
Explore and monitor how Cybersecurity is affecting economies, industries and global issues
World Economic Forum logo

Forum Stories newsletter

Bringing you weekly curated insights and analysis on the global issues that matter.

Subscribe today

What companies do now will determine their future in the Intelligent Age

Mihir Shukla

December 23, 2024

The rise of gender-inclusive agritech and why it matters

About us

Engage with us

  • Sign in
  • Partner with us
  • Become a member
  • Sign up for our press releases
  • Subscribe to our newsletters
  • Contact us

Quick links

Language editions

Privacy Policy & Terms of Service

Sitemap

© 2024 World Economic Forum