Cybersecurity expert fears deadly impact of smart car hacking

McAfee security consultant JP Dunning urges smart carmakers and partners to strengthen security standards for connected vehicles.

smart car vulnerabilities
Mercedes introduces the 2017 Smart electric car at the 2016 Los Angeles Auto Show in Los Angeles, California, US 16 November 2016 (Lucy Nicholson/Reuters)

A cybersecurity expert underscores the exponential rate of dangers brought along with the rise of the Internet of Things (IoT) devices. While the risk of hacking is imminent to all connected devices, the expert singles out makers and third-party manufacturers of smart cars to boost security standards as the impact of hacking on connected vehicles is far more direct and can be deadly.

Thumped brake, activated windscreen wipers and turned up sound system volume are some potential scenarios that can remotely be manipulated by malicious hackers. Their dangerous activities may impact adversely if smart cars are exposed to vulnerabilities.

Also read: Singapore's first electric car-sharing service kickstarts in December

JP Dunning, the principal security consultant for McAfee's Foundstone Services, told Channel News Asia in an interview that the more electronic components embedded in a car mean these vehicles are more vulnerable to hacking and striking in the eyes of cybercriminals.

"Anything new in software or hardware is open to vulnerabilities," said Dunning, terming the IoT ecosystem's security "not mature".

Dunning has urged all carmakers and third-party manufacturers to be more diligent in building the security system of their vehicle as the repercussions brought by cybercriminal activities are instantaneous and could even trigger life and death situation. He noted that car manufacturers and its partner suppliers might observe impressive security measures but third-party manufacturers in the after-care market may not.

Also read: Over half of UK councils have been attacked by ransomware

Although, Dunning adds hacking smart cars could be an expensive venture for hackers as different brands might have different car systems. For instance, hackers will have to buy a car to look for its vulnerabilities in Bluetooth. Additionally, the vulnerability of one brand may not be applicable to the other.

Nevertheless, Dunning suggests that carmakers should be more open to threat disclosures and accept them as a challenge to better improve their security standards. He hopes that these companies will be more open to accept the flaws and strive to achieve a hack-resistant car system.

This article was first published on September 30, 2017