Introduction
The modern automobile is more connected than ever before. New vehicles are equipped with wireless technologies like Bluetooth, WiFi, cellular, and dedicated short-range communications (DSRC). These connections enable advanced features such as navigation, entertainment, vehicle diagnostics, and even autonomous driving. However, increased connectivity also introduces new cybersecurity risks that could put drivers in danger. As an owner of a connected car, it is critical to understand and protect against vehicle cybersecurity threats. In this article, I will provide an overview of automotive cybersecurity, explain potential vulnerabilities, and offer best practices to keep your connected car safe.
Potential Threats and Vulnerabilities
Connected vehicles contain multiple potential vulnerabilities that hackers could exploit to gain access, take control of systems, or steal personal data:
Access Points
- Bluetooth, WiFi, cellular networks, USB ports, and other wireless connections provide ways for attackers to infiltrate vehicle systems.
- Vulnerabilities in infotainment apps and faulty firmware updates also pose risks.
Control Systems
- The CAN bus networking standard used in most vehicles has inherent security flaws.
- Critical driving systems like brakes and steering could be compromised over the CAN bus.
Personal Data
- Location data, driving habits, contacts, and other sensitive driver information is collected and could be stolen.
- Vehicles store data like VIN numbers and owner details that is valuable to hackers.
While major cyber attacks have been rare so far, security researchers have demonstrated many proof-of-concept vehicle hacks. As connectivity increases, related vulnerabilities will also rise if left unaddressed.
Protecting Your Connected Car
Fortunately, there are steps you can take as a driver to improve your connected vehicle’s cybersecurity:
Use Strong Passwords
- Set complicated and unique passwords for your infotainment system and connected apps. Avoid using personal info like birthdays.
Limit Wireless Access
- Turn off Bluetooth, WiFi, and other wireless connections when not in use. Use a Faraday bag for key fobs to block wireless access when the car is parked.
Install Software Updates
- Download and install available software and firmware updates which often contain critical security patches. Beware of phishing emails with fake updates.
Use a VPN
- A virtual private network (VPN) encrypts your connected car’s internet traffic to prevent snooping and attacks.
Monitor Accounts
- Routinely check connected accounts like GM OnStar for unauthorized access attempts. Enable two-factor authentication where possible.
Research Cybersecurity Features
- Consider a car’s built-in cyber protections when purchasing. Brands like Tesla invest heavily in security.
Conclusion
Automotive cybersecurity dangers are likely to increase with advances in vehicle connectivity and autonomy. As a driver, being proactive about security is important to avoid cyber attacks that could result in theft, loss of control, and even physical harm. Following best practices like using strong unique passwords, limiting wireless access, installing updates, and enabling security features will help keep your connected car safe from potential cyber threats now and in the future.
