Tag Archives: digital security

The threat to modern vehicles in the digital age

The German Karl Benz is the man who invented the modern car. Starting a blog with such a statement is bound to provoke some criticism because it can be easily argued that he wasn’t. For example, Ferdinand Verbiest, a Flemish Jesuit missionary from the 17th century is a legitimate contender as the modern car’s founding father. You can go even further back and make the case that Guido da Vigevano, an Italian inventor came up with the original concept in the 14th century.

Whatever your sentiments, from wind powered four-wheeled devices to engine-powered open top vehicles like the Benz Velo Model to today’s computer-powered behemoths, the evolution of the car has been unpredictable.

For computers to have ever been associated with vehicles in the way they are today would have been thought unimaginable both from a technical and aesthetical point of view. But normal laws do not bind technology so to speak – it develops in a fashion that is often hard to predict. Where will we be in 20 years time? We can estimate, but chances are it’ll be different.

“We are living in a world of incredible modern conveniences,” begins McAfee’s 2011 report Caution: Malware Ahead – An analysis of emerging risks in automotive system security.

“Computer chips, embedded in all aspects of our daily lives, have made it possible to have access to all kinds of information when and where we need it. Through internet protocols, these once dumb devices can now communicate with you and with each other in amazing, unprecedented ways.

The report goes on to discuss embedded systems and how historically information would only travel in one direction. Today it’s a two-way structure and these systems have become part of the very fabric of modern motors.

Consequently, they need security measures, which by natural deduction, implies they can be hacked into. It’s an unfortunate by-product of an era defined by gadgets, technology, the digitalisation of all sectors and the want to be connected. Convenience too is a big driver – pardon the pun – in the technological modifications made to cars.

We want to have the ability to start up a car using a smartphone, to have GPS systems integrated and hooked up to the web to provide ongoing, real-time updates and for our cars to have intuitive programmes that can respond to incidents quicker than us. What we want is what we get.

The worry, McAfee’s report states, is that little has really been done to provide security to these modcoms. When someone else can control your car, the risks become all too clear.

“The first remote keyless entry systems did not implement any security and were easily compromised: a regular learning universal remote control for consumer electronics was able to record the key signal and replay it at a later time,” the report says.

Security professionals working in information security and risk management will agree that these kinds of shortcomings need addressing. Indeed, as research has categorically pointed out, this allows for malicious software and hardware manipulation to become a regular feature of car crime and car theft.

It’s a fascinating area that is becoming evermore pressing the more sophisticated cars become and thus, the need to develop complex and secure safety systems to protect vehicles will become a bigger area of responsibility for some cyber security professionals.

Technology has had the ability to transform the one-time, wind powered vehicle into a titan of comfort, entertainment and drivability. Let’s keep it that way with in-car and remote security modernisation now and in the foreseeable future.