You’ve probably seen myriad stories in the news lately about the risks of connected cars being prone to hacking, one going so far as calling 2015: “The Year of the Car Hacks.” Other stories have worrisome titles such as, “Car hacking: How likely is it to happen to you?” or “Hackers Cut a Corvette’s Brakes Via a Common Car Gadget.”
Although fascinating and certainly noteworthy for those of us enamored with car “gadgets,” none of this recent hacking frenzy is particularly new news. “Can Your Car Be Hacked?” was a feature story in Car and Driver magazine four years ago. And an excellent article by the Washington Post this past summer entitled, “Hacks on the Highway,” noted that in 2010, scientists from the University of Washington and the University of California at San Diego could hack into a car and control almost any computerized system within it.
Hacking into computer systems on a significant scale started not long after the first personal computers began to proliferate in the late 70’s. We should rightly credit “hacking” as being an integral part of the innovation and evolution process of technology. After all, it was the spread of nasty malware and viruses in the 90’s after the explosion of the World Wide Web that led to our having automated screening and security protocols on nearly everything involving digital data exchange today. Hacking is why we have virus protection and firewalls; this is also why each of us have so many usernames, passwords and PINs to memorize too!
So what about everyday driving in our modern, connected cars these days? Might my new car be at risk to unexpectedly accelerate, brake, or shut off while I’m driving home today? Is a hacker going to single me out because I have a UBI telematics device installed and force me to crash? Should I be afraid?
Well, according to the InfoSec Institute, which specializes in information security training, beyond the scary stories there are not many empirical cases of real world car hacking, except those done in a lab environment to push for exposing vulnerabilities. Still, the threat and potential is real so it’s important to be diligent and stay aware.
We shouldn’t be afraid of new technology if we exercise common sense, take reasonable precautions, and work together with other reputable people when sharing potentially sensitive information. Even though hacking into your car is technically possible, industry analysts predict that any real hacking threat will mostly be benign and nothing to lose sleep over. “Just about every smartphone on the market can already be hacked to do things it’s not meant to do and the car won’t be any exception.”
Personal precautions against having your connected car inadvertently hacked should include simple things like locking your car’s doors when leaving it unattended, paying attention to vehicle manufacturer recalls, using well-recognized and well-recommended hardware, software, and service providers, following their procedural recommendations, and of course not writing down account passwords on sticky notes. If you use phone apps to share data, make sure they are from trusted companies and kept up-to-date. Do you make purchases online? Make sure you’re using a recent browser with a secured connection. Do you own a GM vehicle with OnStar? Make sure you’re using their latest version of the RemoteLink app.
In my next blog installment I’ll talk more about the importance of data security standards and what these mean for insurance telematics applications and Usage Based Insurance (UBI) in particular. In the meantime, stay connected and drive safely out there!