Cybersecurity & Connected Cars

In an era where technology seamlessly integrates with every aspect of our lives, vehicles have transformed from modes of transportation into sophisticated, connected devices.  This offers amazing convenience and access to our lives on the go, but it also adds them to the realm of the Internet of Things (IoT) devices. 

Like any device that connects to the internet, your connected vehicle becomes susceptible to various cybersecurity threats.  That’s why it's very important to adopt robust security best practices to safeguard your vehicle's intricate systems from potential vulnerabilities and malicious intrusions.

What Are Connected Cars?

Connected vehicles communicate digitally with other devices, infrastructure, and even other vehicles.  A fundamental aspect of their connectivity relies on accessing the internet, which is primarily facilitated through a Wireless Local Area Network (WLAN) or Wi-Fi. 

With the integration of Wi-Fi, connected cars perform functions like receiving real-time traffic updates, accessing cloud-based navigation systems, streaming entertainment, and enabling over-the-air software updates.  

This connectivity also supports critical safety features, including automatic emergency braking, lane keeping assistance, and advanced driver-assistance systems (ADAS) that rely on data exchange for optimal performance. 

• Regularly check for and apply updates to the car's firmware or connected apps.  Automakers often release patches to address vulnerabilities.

• Use multi-factor authentication (MFA) wherever possible for connected car accounts and associated apps. Avoid default or weak passwords.

• Only share necessary information when using connected car services.  Avoid linking excessive personal data to vehicle systems.

• Turn off unnecessary connectivity features like remote start or location sharing if they are not actively used.

•  Protect the SIM card and phone accounts associated with the car.

• Avoid accessing connected car systems over public Wi-Fi networks.  Use a virtual private network (VPN) if needed.

• Vet third-party apps for security and only download from trusted sources. Avoid granting unnecessary permissions.

• Employ traditional security measures like steering wheel locks or GPS trackers as a backup against cyber threats.

This data can range from driving habits and location information to infotainment preferences and diagnostic reports.  Prospective owners should also ask about the types of data gathered, where it is stored (onboard the vehicle, in the cloud, or both), and for how long. 

You should also understand the security protocols in place to protect your sensitive information from unauthorized access, breaches, and malicious attacks.   This includes asking about encryption methods, cybersecurity certifications, and the manufacturer's incident response plan in case of a data security event.

Conclusion

Connected vehicles give us unprecedented convenience and safety, but they also require strong cybersecurity measures.  The absence of these opens the door to a wide array of vulnerabilities, including unauthorized access to personal data stored within the vehicle's infotainment system, to far more critical threats that jeopardize safety.

Malicious actors could exploit weaknesses to gain control of vehicle systems, potentially leading to dangerous scenarios like remote manipulation of steering, braking, or acceleration, or even disabling critical safety features.  This could have catastrophic consequences, not only for the occupants of the vehicle but also for other road users and pedestrians.

More Information

• What is a Wireless LAN? 

• What is Wi-Fi? 

• Driver Assistance Technologies 

• What is Multi-Factor Authentication (MFA) and How Does it Work? 

• Internet of Things (IoT) Devices.  What Are They and What Kind of Security Risk Do They Pose?  

• Public Wi-Fi:  What Is It and What You Need to Know to Stay Safe 

• What is a VPN?  How VPNs Work and Why You Should Use One