When people buy computers, one of the first things they do is download virus protection. Even seemingly innocent websites and emails can contain malware, spyware and other cyberthreats that target personal information and documents. They want their systems to be as safe as possible so they install software to protect it.
However, in today's increasingly connected society, more than just computers are in danger. Anything with cellular data or a Wi-Fi connection - such as smartphones or tablets - can easily be hacked. Unfortunately, there's a device that is even more at risk. With cars' new computer systems, anyone with a Wi-Fi connection, the know-how to do so and a bit of software coding can take control out of owners' hands. Manufacturers will have to incorporate more testing into the supply chain to figure out how to stop these cyberattacks from occurring.
Cars open to cyberattacks
With people wanting access to their mobile applications at all times, it only made sense for manufacturers to give them those capabilities while driving. Now, cars are connected to the Internet and share cellular data on family phone plans. However, this leaves them open to attack.
In a study in 2011, researchers from the University of Washington and the University of California at San Diego hacked into a sedan's computer system to disable the locks and brakes. They also determined that the radio, GPS system and real-time monitoring devices can be completely taken over with a phone call to the vehicle's system.
Currently, another study is reaching its final stages. In 2012, Charlie Miller and Chris Valasek started researching to expand on the universities' study. They learned about cars' systems inside and out, and, within the next year, they were able to hack into the electronic control units while connected to the vehicles, Wired explained. Since then, the researchers have discovered how to wirelessly take over some car models, and they found that distance doesn't matter when it comes to hacking. As long as they had an Internet connection, Miller and Valasek were able to detect cars around the U.S. They could plot map points of drivers' locations and control the radio, wipers, and heating and cooling system. Miller and Valasek could even cut the engine if they chose to. Nothing was safe from their computers.
Government taking steps to protect drivers
The 2011 researchers didn't publish specifics about the make and model of the car, but Miller and Valasek had no qualms about doing so. They felt that manufacturers had enough time to make securer systems, yet the businesses didn't do enough to protect the computers from cyberattacks, Wired claimed. The researchers will publish their findings with the hope that it will force manufacturers to step up security.
The federal government has the same beliefs. After reading Valasek and Miller's study, Senators Edward Markey and Richard Blumenthal have proposed legislation that will require the National Highway Traffic Safety Administration and the Federal Trade Commission to establish guidelines to protect drivers. The Security and Privacy in Your Car Act will call for protection at all potential entry points and will require systems to block attacks and alert companies and drivers of hacking attempts. The SPY Car Act will also establish a dashboard that will inform car owners of each models' security capabilities.
"Drivers shouldn't have to choose between being connected and being protected," Markey explained in the statement. "We need clear rules of the road that protect cars from hackers and American families from data trackers. This legislation will set minimum standards and transparency rules to protect the data, security and privacy of drivers in the modern age of increasingly connected vehicles."
Car manufacturers have missed a crucial step in the supply chain to ensure their vehicles are safe. While testing for durability of products' individual parts, such as steering and braking, they will also need to start evaluating the security of their computer systems.