Free up to 1MM monthly messages. No credit card required.
Matthew Young is a Boston based freelance writer. As an aspiring automotive journalist looking to make a name for himself in the industry, he is passionate about covering anything on four wheels. When Matthew is not busy writing about cars or new emerging tech, he usually spends time fiddling with his camera and learning a thing or two about photography. You can tweet him @mattbeardyoung.
The future of the car has been decided, and it involves an always-on data connection that can enable new types of interaction and data aggregation for both auto manufacturers and motorists. Much has been said on the connected car and its impact on daily driving, but one topic remains scarcely covered as cars converge with high-speed mobile data connections.
Hacking, which has become all too common on personal computers, tablets, and smartphones, poses a real threat to the connected car market as these models become more widespread and more advanced. With anywhere from 50 to 100 miniature computers found underneath the hood, cars are an easy, if moving, target for today’s hackers. Before buying into the connected car revolution, and paying a premium for these features, it’s a good idea to understand the three types of hacking that affect connected cars and what the potential impacts of these hacks could be.
Connected cars feature both wired and wireless points of entry for malicious code that could do anything from remotely disabling the ignition to stealing valuable consumer data. The three types of hacks that affect connected cars include each of the following:
Remember, up to 100 tiny computers are installed inside most of today’s most popular cars. The number of functions controlled by these chips is always increasing, but currently includes things like automatic headlights, blind spot monitoring, keyless ignition systems, speed regulation, automatic door locking, brake systems, and much more. Despite each of these tiny computers working on a separate function of the vehicle, compromising the entire system is possible thanks to the car’s use of a Controller Area Network (CAN) bus.
The CAN bus ties all of the computer and information systems installed in a vehicle together. That means it’s possible to create a targeted attack, through the CAN bus system, that disables only certain components of the vehicle. This could result in a potentially more serious risk to personal safety in a worst-case scenario. Despite the use of this in-car communications system and the risks that come from a connected vehicle, some protocols can be put into place to prevent malicious access to the underlying technologies in connected vehicles.
In 2011, researchers at the University of Washington and the University of California San Diego collaborated on a project that sought to fully hack and compromise a car through its OBD-II information port. The attempt was successful, and the researchers were able to successfully compromise the vehicle with relative ease. This set off alarm bells in the automotive industry. Ever since, car manufacturers have been making small adjustments to car technologies in an effort to prevent even more serious hacks, especially those over short-range or long-range wireless signals, from succeeding. These measures include:
Steps like these are essential to improving the security of connected cars, including today’s most at-risk models. In an examination of the potential “points of entry” for hacking attempts, cars like the Ford Fusion, Cadillac Escalade, and Jeep Cherokee were found to be most vulnerable. Each respective manufacturer is pioneering new ways to keep these cars, and future models, safe from malicious attacks.
Despite the real possibility of hacking connected cars, actual hacks “in the wild” remain very rare. Even the researchers at the University of Washington and the University of San Diego were only able to hack a vehicle through a physical connection and not a wireless one. Furthermore, hacking a car would take considerable time and financial resources, would require hackers to focus on a single vehicle model or driver.
Currently, this type of hacking just isn’t an affordable, profitable, or practical pursuit. Thankfully, this means that malicious hacking of connected cars remains exceedingly low. It’s likely that this will remain the case well into the future, but preventative measures taken now will prevent serious safety headaches down the road.
A Notice of Privacy Practices (NPP) is one of the requirements of HIPAA and helps patients understand their personal data rights.
HIPAA covered entities must follow the five technical safeguards to achieve HIPAA compliance and prevent data corruption.