Today’s automobiles are increasingly high-tech. They can provide real-time guidance about getting to a destination for the first time and even take automatic actions to prevent someone from colliding with an object or veering too far into the adjacent lane.
Cloud technology plays a major role in those advantages. However, some analysts worry inadequate cybersecurity could create risks for vehicle-to-cloud-connectivity.
Cybercriminals Have a Broad Attack Surface
Executives at Toyota recently announced a push towards making more of the company’s cars capable of receiving over-the-air (OTA) updates. On the one hand, that’s a positive development that allows developers to roll out code updates faster without requiring car owners to take specific actions to download the content. However, the increased reliance on cloud connectivity could give hackers more chances to cause problems.
Statistics indicate there are approximately 10 million Lexus and Toyota-connected vehicles. Some can receive OTA updates now, but the company wants to expand its capabilities, including launching a new operating system. Toyota’s forecast also anticipates its average car will have nearly 8,000 lines of code by 2025. The earliest models of its connected vehicles had less than 500, for comparison.
Early news from Toyota indicates these OTA updates affect cars’ entertainment systems and safety features. For example, advanced driver assistance systems (ADAS) technology can automatically apply the brakes to stop someone from causing a fender bender.
However, the company also wants to use cloud technology in more innovative ways. Its new Lexus NX takes information from the cloud and navigation software to predict the road and use that data to better utilize the electric energy stored in hybrid powertrain batteries.
Connected car hacks are not far-fetched ideas. Researchers showed how vulnerabilities let people turn off a car’s motor remotely or drain its battery. As automobiles get more advanced and dependent on the cloud, cybercriminals will likely look for even more ways to infiltrate systems.
Poor Automotive Cybersecurity Could Reduce Car Tech Interest
Self-driving cars are no longer just exciting concepts. Uber has launched pilot programs to test driverless taxis, for example. However, autonomous cars are extremely dependent on cloud technology, and that reliance could become even stronger soon.
Industry sources suggest a Tesla cloud provider will soon store data about everyone who drives the company’s vehicles. That information currently resides within each car rather than the cloud and includes details about a person’s preferred seat, mirror settings, music preferences, and more.
The company also wants to introduce more people to self-driving cars, and it may do that via an upcoming ride-hailing service. However, safe vehicle-to-cloud connectivity is an instrumental aspect of making people embrace and trust such offerings.
Automotive technology is now more affordable, too. For example, electric car components, including batteries, experience a 20 percent price reduction each year, according to one study. This is likely due to ongoing sourcing and manufacturing improvements. However, if people think high-tech cars come with too many security risks, they may not want to purchase them.
Providers take proactive steps to protect data in the cloud, such as implementing security updates and undergoing third-party audits. However, Michael Dick, CEO and founder of C2A Security, said that many automakers are not as aware of software in a car as consumers may think. “If you ask a manufacturer what kind of software is in a vehicle, they wouldn’t be able to tell you. In part, that’s due to a complicated supply chain in automotive,” he explained.
Too Much Reliance on ADAS Technology
Even though cloud computing companies have specific procedures to secure customers’ data, it’s still wise for people to take matters into their own hands as well. For example, they should choose strong passwords and activate two-factor authentication (2FA) when possible. Taking personal responsibility applies to driving cars equipped with automated features, too.
A recent study involved performing four tests on 17 vehicles to see how each car reacted to a driver’s inattentiveness or irresponsible actions. For example, a tester took their hands off the wheel or unbuckled their seatbelt to see how long it took the car to recognize and flag those decisions.
The most extreme test involved a driver getting out of their seat and letting the car operate entirely independently. All the assessed vehicles failed to stop moving immediately when a driver slipped over the console into the passenger seat.
Cloud connectivity makes cars capable of amazing things. However, the advancements may make people have unrealistic expectations about what these vehicles can do. For example, a widely reported allegation about the first fatal self-driving car crash was that the owner was watching a “Harry Potter” film at the time of the impact, making him unable to respond quickly enough when things went wrong.
Manage the Risks of Cloud-Connected Cars
People are becoming more interested in cloud-based security and understanding they must actively reduce threats whenever possible. That sometimes means investing in specialized tools. For example, Sophos Cloud Security features a threat detection engine that uses artificial intelligence to detect unusual activity.
Cloud security tools for cars are not as widely available as those for computers, but that’s starting to change. GuardKnox, Karamba Security, and SafeRide Technologies are some of the 20 or so companies specializing in automotive cybersecurity. Consumers thinking about purchasing a highly connected car may want to think about simultaneously buying a security tool to keep it safer.
People should also stay updated about potential risks. For example, could Tesla cloud provider news have unintended ramifications? What potential downsides exist for a feature marketed to consumers that makes driving more convenient and fun?
However, the security burden also falls on manufacturers. The European Union will soon enforce regulations to reduce vehicular risks. Those mandates include ensuring cars have cybersecurity management systems and mechanisms for updating automobiles’ software.
Heightened Awareness: A Necessary Part of Safe Driving
Today’s drivers know many factors of safe driving lie outside their control. A person could do everything necessary to stay alert, follow road rules, and never get behind the wheel while under the influence. However, they could still get into an accident if another driver fails to stop fully at an intersection or engages in another potentially dangerous decision.
That’s why remaining aware of what happens on the road is essential for anyone wanting to stay safe. That’s true whether a person has a vintage vehicle with no cloud connectivity or a top-of-the-line model that nearly drives itself. Increasingly advanced cars don’t guarantee safety. However, problems are less likely to occur when people stay aware of risks and work to actively minimize them.