Car hackers aim to spur carmakers into boosting vehicle security

Car jacking -- old news; car hacking -- all the rage.

Some hackers have grown tired of the same-old; hacking computers, email, websites and networks is too easy. Why not try to hack a moving target? So, with the increasing Internet of Things sophistication of motor vehicles, hacking automobiles has become the new challenge.

As in the computer world, there are good hackers and bad ones. The good ones hack to enhance security, not to exploit it.

A group of well-intentioned hackers, calling themselves "I am the Cavalry," have popped up at the Def Con hacking conference in Las Vegas to garner support for an open letter to automotive CEOs, a letter that implores car companies to take concrete steps to prevent cyberattacks on cars.

"Modern cars are computers on wheels and are increasingly connected and controlled by software. Dependence on technology in vehicles has grown faster than effective means to secure it. Security researchers have demonstrated vulnerability to accidents and adversaries over more than a decade," the organization writes on its website.

In the Aug. 8 letter, the group cites its Five Star Automotive Cyber Safety Program. To begin with, the organization requests that automotive companies acknowledge that vehicle safety issues can be caused by cybersecurity issues; to embrace security researchers (such as themselves) as willing allies to preserve safety and trust; to abide by five foundational capabilities; and to initiate collaboration now to forestall negative consequences going forward.

The Five Star program includes Safety By Design, which is accomplished by adhering to industry standards rather than proprietary, nonvetted standards; Third Party Collaboration, which commits to full cooperation and communication with security researchers; Evidence Capture, establishing sort of a "black box" event-recording system in vehicles for investigating cyberattacks on a vehicle's software and tracking evidence and sources; Security Updates, meaning the ability to update, upgrade and patch software in a timely and secure manner to thwart potential attacks or mitigate the damage caused by attacks already made; and Segmentation and Isolation, the ability to separate critical systems from noncritical ones, and to prevent an attack on one system from having systemwide consequences -- to set up firewalls and containment zones.

Tesla vehicles rely heavily on sophisticated software and electronics. Founder Elon Musk has offered a $10,000 reward for a successful hacking of the Tesla Model S vehicle. As mentioned in Tech Times, a group of Chinese students did just that; they were able to hack into a Tesla, activating doors, windows and other controls while the vehicle was in transit.

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics