Connected cars not yet secure
26 April 2016
Author: Tristan Young
Connected cars are likely to be open to hacking for the next 10 years, according to internet security firm boss Eugene Kaspersky speaking in a Financial Times interview.
In the interview Kaspersky, the founder of Kaspersky Lab, said today's vehicles were "more safe but less secure" because of the array of connected gadgets on board, from safety sensors and GPS trackers to music-streaming capabilities and high-speed internet links.
He said he believed that it would take car makers up to 10 years to build cars that were secure.
Fleets could be at the sharp-end of any car hack as a vehicle out of action could have a larger cost that simply lost transport. Hackers could also ransom businesses if they could control its vehicles in the same way that recent reports of ransomware, software that holds a computer user's data hostage, have done.
Last year hackers demonstrated the vulnerability of some Fiat Chrysler cars which led to the manufacturer recalling 1.4 million vehicles - the majority of which were in the US.
According to a report by Statista, nearly 5.5% of new cars sold this year will be internet connected, rising to more than 25% in 2020.
BMW is one of the leading brands with connected car technology and it claims security is of paramount importance. Speaking to BusinessCar earlier this year Stephan Ponikva, head of BMW's connected cars systems, said security was the reason it wouldn't let third parties, including fleets, access its connected data.
He also said the information gathered by the car is encrypted and anonymised in most cases, the only time it is visible is either when the driver chooses to make it available to a third party, or in the case of an emergency through the eCall system to let the emergency services know the location of the vehicle.
Meanwhile, car security could also be at risk in the service centre. At a NullCon cyber security conference this March Craig Smith, an automotive hacker, demonstrated how he could turn a car into the host for a software virus that would then transfer itself to a workshop's diagnostic software when the two are plugged together during a service. Smith also showed that the virus would then spread to every car to which the diagnostic equipment was subsequently connected.