Accelerating cyber security threats in connected cars, Auto News, ET Auto

[ad_1]


<p>Connected car technology, which has now become an integral part in the auto industry for the integration of various communications, comes along with several risks associated with these advancements.</p>
Connected car technology, which has now become an integral part in the auto industry for the integration of various communications, comes along with several risks associated with these advancements.

New Delhi: Car technology has evolved significantly in recent years, with advancements in various areas to improve safety, efficiency, connectivity, and overall driving experience. Some key aspects of car technology are Autonomous Driving, Autonomous Driving Assistance System (ADAS), Vehicle-to-Everything communication (V2X), and Augmented Reality.

Connected car technology, which has now become an integral part in the auto industry for the integration of various communications, comes along with several risks associated with these advancements.

Connected car end-services provide an ecosystem with on-demand infotainment, navigation, diagnostics of the vehicle like vehicle health, scheduled maintenance, service coupons, service scheduling, EV battery charge monitoring, and others.

However, it comes with a cost of cyber-attacks, and cyber breach. Connectivity in car archives and collates a vast data attribute specific to the car, driver, driving environment, and more. This data is then shared with apps and services for mutual benefits through the data collector.

An EY report on ‘Cyber securing connected cars 2.0; Navigating opportunities and risks in the digital era’ has mentioned several cybercrimes that can harm the consumer’s privacy. EY survey has disclosed the data that ranked India second in 2022 for the total number of cybercrime complaints received 2,550 that is 28.8%. Canada was at the top with 5,517 complaints. Australia, France, and South Africa followed India.

Some breaches at OEM data centres are aimed at stealing customer’s personal files, disabling vehicle’s operation or spreading malicious activities, it can be done through cloud services, broadcast services, GPS/LTE and others.

On the other hand, some short-range wireless devices like bluetooth, consumer smart devices and others can provide unauthorized access to vehicle internal network and infotainment systems. It can aid to steal private and corporate data, track individual vehicles or entire fleets and hijack non-safety and safety critical functions.

With the help of physical connectivity in cars via USD, and OBD-II, a compromise of critical functions of vehicles can occur as per the report.

Car cybersecurity market

The report states that the cyber security market for cars was valued at USD 186.63 million in 2019 and is expected to reach a value of USD 2460.9 million by 2025, registering a CAGR of 52.15%. The increasing connectivity of vehicles and the growing adoption of telematics services in automobiles create more job opportunities. This reliance on connectivity in automobiles opens the door to vulnerability of cybercrimes/attacks during their operations and generates a market of cybersecurity.

Cyber-attack scenarios

The EY report has explained how attackers can use connectivity for cyber-attacks.

1.In-vehicle infotainment: The attacker sends a code masked as an entertainment file on the phone. This gives access to the car or it is already linked to the IVI system. The phone owner then unintentionally opens the code (entertainment file) which makes the content (of device) accessible to the attacker, which he/she can use as per the wish.

2.Wi-Fi Hotspot: An attacker can hijack the browsing session and snoop on the websites visited over an LTE connection using an attack called aLTEr. This LTE service can provide access to the mobile device which he/she can use to spy, spam, track and spoof.

3.5G SIM: The attacker can try to hack the SIM remotely through an encrypted key, which stores confidential information that took place in the car. 5G SIM is mounted in the car and possessing control of the device gives the attacker the control of the car and its owner.

4.Mobile Application: Mobile application of the vehicle connects the owner’s phone with the car. This can be accessed by people other than the owner. This brings vulnerabilities which leaves it susceptible to multiple types of attacks, thus rendering the device vulnerable.

5.Service Threats: Service personnel can hamper the device security, when the car is given for repairing/ servicing. This gives entry to the attacker in the vehicle thus providing plenty of opportunities for cybercrimes.

6.ADAS System: Attackers might attempt to manipulate the sensors (such as cameras, radar, lidar) in ADAS to provide false information to the system. Due to which a vehicle can make incorrect decisions, potentially leading to accidents. Along with that a denial-of-service attack could disrupt the normal functioning of ADAS by disrupting vehicle’s sensors with excessive traffic which can hamper safety features.

  • Published On Feb 20, 2024 at 06:09 PM IST

Join the community of 2M+ industry professionals

Subscribe to our newsletter to get latest insights & analysis.

Download ETAuto App

  • Get Realtime updates
  • Save your favourite articles


Scan to download App


[ad_2]

Leave a Reply

Your email address will not be published. Required fields are marked *