Backend Connected Vehicle Attacks are Taking the Lead

Today’s cars are as reliant on data as they are on fuel and a good set of tires. The warning by the Society of Automotive Engineers that “It would be easy to say the modern car is a computer on wheels, but it’s more like 30 or more computers on wheels” has become a conservative estimate when you consider today’s connectivity challenges. As security risks start making headlines, OEMs are strengthening the protection they place around connected vehicles. But is the world of cyber-security offering the automotive industry enough protection?

OEMs are starting to make security a priority

OEMs are increasingly aware of how important it is to build cyber-security measures into their connected cars. Shifting left on security and creating more secure vehicles is part of achieving a strong security posture for the automotive industry. However, as an overall strategy, it has a few inherent flaws –

Front-end security does nothing to protect vehicles that are on the road already

When you design security built for vehicles, you’re always going to be one step behind active challenges in cybersecurity. The cycles of design and production for OEMs take several years, so in-built security features like automotive chips or subsystems can never hope to keep operating fleets or even on-road individual vehicles safe in real-time.

Protecting the individual vehicle ignores the majority of the risks

Whether it’s a connected vehicle service, a telematics unit, a mobile app or an OBD dongle, the security hazards will never all be within the confines of a single vehicle and its schematics or manufacturing. Take for example researchers who used a WiFi dongle to access the headlights of a Mazda from more than 3,000 miles away.

While OEMs can focus on creating trusted boot sequences, firmware and secure storage and hardware on their side, or use next-gen security like micro-segmentation to develop principles of least privilege for their own servers, recent research has proven that network connected applications are amongst the most common vulnerabilities for connected cars. This could be bad news for OEMs, as backend security is not nearly as developed yet, and there has traditionally been a lack of tools on the market to protect them. In fact, only 1/8 OEMs have any capabilities at all to diagnose a hacker attack that uses their wireless communication systems.

While companies struggle to find solutions to protect them, the risks are increasing. Only earlier this year, flaws in third-party services caused Telematics company Calamp to unwittingly provide access to vehicle location and security controls to hackers, risking more than 7 million connected users.

Endpoint security alone is not the answer

No business would consider employing anti-virus on their office computers without data center and network protection. OEMs need security solutions that are in the thick of it – able to reside on the network itself and inspect all data sources, no matter where they come from: telematics traffic, mobile application data, and even external information and protocols from context or behavior. Whichever solution you employ must be able to correlate all of this data to uncover threats that go further than one individual car.

Centralized automotive security views data from both ends

A cloud-based centralized security system is the only way to collate a holistic view of your entire fleet, utilizing the benefits of Big Data and Artificial Intelligence without limits on resources such as memory or CPU. As your centralized security system is on the cloud, there’s no need for software updates on the vehicles themselves. Protection is applied centrally through cutting-edge automation, removing the threats of insufficient patch management or security breaches due to faulty updates.

This holistic security approach also allows OEMs granular insight into the behavior of multiple vehicles. While one car turning off its headlights is not newsworthy, 100 doing this all at once could be cause for alarm, as seen in one example where hackers remotely disabled dozens of vehicles at once by attacking the immobilization system. In-vehicle security cannot detect this threat, but centralized security can.

Front-end security improvements represent an important step in the right direction for automotive safety. However, it’s only by gaining visibility into all data sources and being able to correlate them in real time on one centralized dashboard that OEMs can build a true picture of the threats that vehicles and drivers are facing today.