Fast and the Curious – Is car-hacking a looming reality?

Connected vehichle

Eight installments and over $4 billion at the box office later, ‘The Fate of the Furious’ finally addresses a very hot topic in people’s minds: Are the next generation of connected cars safe?

The anarchist hacker – Cipher, can (seemingly) control anything in the world with a Wi-Fi receptor and a chip (Internet of Things – IoT), and hence can also control the autonomous vehicles by breaching their driving software as a point of entry – something referred in the movie as a ‘zero-day exploit.’

This latest series has some cool cars, that blow up, crash, wreak havoc in city streets, and also at one point get hacked… But how realistic and feasible is this hacking? Can cars truly be converted to driverless missiles to attack other cars and people on the streets?

A zero-day vulnerability refers to an undiscovered software vulnerability that hackers can adversely exploit to affect a piece of that software. It is called ‘zero-day’, as this vulnerability has not been previously reported or announced before becoming active.  These vulnerabilities are considered severe threats as the more recently an exploit is published, the higher the probability that an attack can take place.

So, is the Hollywood interpretation of ‘connected-vehicle hacking’ a current reality?

The short answer to this question is 'NO'. This is because manufacturers building connected cars, and their components, are taking preemptive steps to ensure components, networks, and applications that make up today’s connected vehicles are rigorously tested and tuned to mitigate vulnerabilities prior to customer delivery. While it is also true that compromises in connected vehicles can occur, manufacturers are proactively investing substantial resources in ensuring these compromises are exposed internally, and remediated before being compromised by someone with malicious intent. 

Most connected cars today offer the convenience of syncing data from our ‘smart-devices’ such as smart phones and tablets, to seamlessly integrate our music, phone contacts, and even games and movies for children to entertain themselves by leveraging ‘Smart-TVs’ in the back seats. While the convenience of this seamless transfer does certainly simplify our life, it also introduces a new paradigm for security testing.

Looking back, it has been a little under a decade since the first smartphones were launched, and they have evolved fast – from having low resolution cameras and poor battery life to today being argueablity more powerful than some of the lower end computers on the market. Through this phase of exponential growth and expansion, phone manufacturers focused very heavily on the security aspects for their customers. While the security curve was steep, the smartphone industry has been successful in weaving in security at the very core of their framework. The smart car industry will also follow suit, but will also face the additional challenge of considering ‘physical safety’ as it relates to the operation of connected vehicles, and the impact of devices and applications connecting to them.

It is true that autonomous vehicles can today manage simple tasks like parallel parking, and reversing, but the possibilities of what the future looks like are endless. Getting your vehicle to drive you through the busy, hilly and congested San Francisco streets, while you relax and read a novel would be considered virtually impossible in today’s day and age, however, with careful planning and thought this may be a real possibility in the not too distant future.

Yes, devices that connect to the internet today are part of the IoT umbrella, and can potentially be ‘compromised’ with a keystroke, but Spirent can provide realistic and preemptive intelligence into potential vulnerabilities that may exist, resulting in more robust infotainment systems and autonomous vehicles being manufactured. Autonomous cars are the way of the future, and Spirent is positioned to be a partner in your cyber security mitigation strategy.

Not every person has access to ethical hackers, but enterprises do. The time to start leveraging experts to aid in managing your security arsenal is now and Spirent can assist.

If you’re interested in learning more about how Spirent’s SecurityLabs team can help car and vehicle component manufacturers deliver safe and secure vehicles to the end consumer, contact us, or join us for our next webinar on ‘Securing the Connected Vehicle.’


comments powered by Disqus
× Spirent.com uses cookies to enhance and streamline your experience. By continuing to browse our site, you are agreeing to the use of cookies.