Hacking of connected cars stands as a major security threat

Posted Aug 13, 2019 by Tim Sandle
Connected vehicles will need better security feature to avoid cyber-attack. A new report finds that connected cars are open to being hacked and this stands as a major security threat.
General Motors: The Cruise AV is designed to operate safely on its own  with no driver  steering whe...
General Motors: The Cruise AV is designed to operate safely on its own, with no driver, steering wheel, pedals or other manual controls when it goes on the road in 2019.
General Motors Co.
The vulnerabilities of high-technology cars to hacking has been flagged by the U.S. Consumer Watchdog, who have issued a security report. This report that connected cars have Internet connections leading to safety critical systems which are open to a fleet wide hack. This is to the extent that a fleet wide hack , say during rush-hour, could lead to a 9-11 scale catastrophe.
These concerns are detailed in the report: "Kill Switch: Why Connected Cars Can Be Killing Machines And How To Turn Them Off." The report argues that car manufacturers are well aware of the risks but they have not discussed the issues in public.
As an example of the types of risks, the video below shows some Chinese hackers controlling the brakes on a Tesla car:
These types of car hacking demonstrations tend to focus on a single vehicle. However, the consequences are magnified when the future-state of networked and connected cars comes to fruition. This will create numerous avenues for a serious fleet-wide attack.
The report reveals that the majority of connected vehicles have the same type of vulnerability. This relates to the head unit (the infotainment system), which is connected to the Internet via a cellular connection and to the vehicle's CAN (Controller Area Network) buses.
Several companies are working on technologies designed to reduce the potential for hacking. One example is the collaboration between chipmaker Cypress and cybersecurity consultancy Karamba Security.
The two companies are seeking to leverage the Cypress Semper NOR Flash in-memory compute capabilities for connected systems (based on flash memory form factors) to lower potential cybersecurity risks. The Cypress Semper NOR Flash architecture enables users to supplement connected systems with cryptographic capabilities to the flash.
In related news, chip manufacturer Infineon intends to acquire Cypress Semiconductor. Cypress portfolio includes microcontrollers as well as software and connectivity components and the company is becoming a major player in the connected car technology business.