1(630)802-8605 Ravi.das@bn-inc.net

Merry Christmas everybody!  To everybody out there, have a safe day, and enjoy it!  If at all possible, stay disconnected for a day!  I think we all stay away from technology for just one day.  Anyways, although it is a holiday, just thought I would keep up the blogging, because I have to be at work tomorrow LOL.  Do you remember yesterday’s blog?  It was about the predictions as to what 2019 holds in terms of lurking and new Cyberattacks.

In today’s blog, we sort of continue with that theme, but more with an emphasis upon being connected.  As a I also described yesterday, we are now entering into a brand-new world that is called the Internet of Things – or IoT for short.  Essentially, this is where we are connected to everything that we come into contact with.  This includes everything in our home – and even outside of it, especially our cars.

Many cars today are literally becoming like the latest airplane cockpit, with all of the latest electronic gadgets and touch screens one could every imagine.  The last time I had a car like this was when I had an outside sales position for an environmental firm.  The car was a Ford Fusion Hybrid, straight off the assembly line.

It had one of those devices where you could lock/unlock your car, and even set the alarm off from hundreds of feet away.   It also had a sort of “television monitor”, where it would display your surroundings as you were backing the car up.  If you came close to anything, all of these alarms and bells would go off.  It also had a Cirrus brand satellite radio system, and electronic push button stations. 

Heck, this car even had a DVD player where you could insert a DVD so that the passengers in the back could watch any movie they wanted to.  Other electronic sounds and alerts went off for other things, such as when you were getting low on oil, gas, or even windshield wiper fluid. It even had a few USB connections so that you could connect your laptop, Smartphone, or whatever else into it.

I sort of marveled at all of these electronic gadgets, but I kept thinking to myself, what if something went wrong with one of them?  I mean everything is so connected with another, if you take out one electronic part, you would have to take out some of the others as well. Plus, this so called “Smart Car” was also a Hybrid, meaning any battery change would cost almost $2,000.00!!

I never really thought of the interconnectedness of these “Smart Cars”, and how much they are at risk from a Cybersecurity standpoint, until today.  I came across an article and a related market research report entitled the “Upstream Security Global Automotive Cybersecurity Report 2019.”  In it, they detail the major risks and threats that the automotive industry could face.  The actual content can be downloaded at this link:

https://www.upstream.auto/upstream-security-global-automotive-cybersecurity-report-2019/

In summary, this report makes the finding that the automotive industry could face a whopping loss of almost $25 Billion just in the next five years alone, due to Cyberattacks alone.  But it is not just the “Smart Car” of the future that is at risk, all of the things and other devices that are connected to it are also at grave risk, according to this quote: “With every new service or connected entity, a new attack vector is born . . . These attacks can be triggered from anywhere placing both drivers and passengers at risk. Issues range from safety critical vehicle systems, to data center hacks on back-end servers, to identity theft in car sharing, and even privacy issues. The risk is immense. Just one cyber-hack can cost an automaker $1.1 billion, while we are seeing that the cost for the industry as a whole could reach $24 billion by 2023.”  (SOURCE:  https://www.securitymagazine.com/articles/89696-cyber-hacks-could-cost-auto-industry-24-billion).

Other key findings of this mark et research report include the following:

*Other providers to the “Smart Car” are at equal risk at well, and this includes the Tier 1 suppliers, fleet operations, telematic service providers, and even the car sharing/car rental companies.

*Just in 2018 alone, in the automotive industry the total number of Cyberattackers (aka the “Black Hats”) far exceeded the good guys, known as the “White Hats.”

*Because of just how electronically sophisticated that cars are becoming today, the need for multifactor authentication is fast becoming a must now.  For instance, the “Smart Car” now depends upon a Cloud based Infrastructure, various other SaaS based software applications, as well as the various servers for the networking side of things that the “Smart Car” has become so reliant upon.

*42% of Cyberattacks to “Smart Cars” now involve targeting the back-end servers, which has a huge and detrimental impact upon data leakage and fraud.

My thoughts on this?

All I can say is wow, I never realized that the “Smart Car” of today and the future is so dependent upon other external connections and applications.  This has been claimed to be a big part of the IoT world; for example, when we are driving, all we have to do is launch Siri or Cortana, and they will pretty much do everything for us, except for the driving the car itself.

Once again, this just underscores just how weak the entire IoT system is from a Cybersecurity standpoint.  Anytime you add just one more connection, this only increases the attack surface for the Cyberattacker. 

To me, it’s scary to think that one day (and it could even happen much sooner than expected) as we are driving a “Smart Car”, a Cyberattacker could literally take 100% control of it, and make you the hostage inside of it.

Also, you think that the “Smart Car” of today is extremely sophisticated?  Just wait for a year from now, there will be even more electronic gadgetry in them, and the cars of today will pale in comparison.  And because of that, the dependency upon the level of interconnectedness will be even much greater.

If you do indeed happen to own of these “Smart Cars”, my best advice to you is keep everything disconnected as much as possible, until you absolutely need to plug them in. 

As for me, I am quite happy with my little Honda 2003 Civic.  It is quite fuel efficient, and best of all, it does not depend upon any sort of interconnectedness except for the radio – everything is all “analog” by today’s standards.