Over the past year, Toyota, Kia, and Hyundai have all touted “software updates” as the answer to fixing defective cars under open recall, and Tesla has long promoted its vision of the car as a “sophisticated computer on wheels.”
In fact, most cars are essentially already computers on wheels, experts say, with increasingly sophisticated technology to go with it. But cybersecurity hasn’t kept up with the developments, according to new reporting by automotive engineers and cybersecurity experts.
Synopsys, a cybersecurity firm, teamed up with the Society of Automotive Engineers, the organization that represents people who work as auto engineers in the United States, to interview 593 industry professionals.
According to their new report, 52 percent of the auto engineers interviewed say that they are aware of “potential harm to drivers of vehicles because of insecure automotive technologies.”
Raising those concerns with higher-ups apparently isn’t an option. Another 69 percent of the engineers polled said they didn’t feel “empowered enough” to tell their bosses about the safety problems. And the majority of engineers polled -- 83 percent -- said that cybersecurity has not kept up with evolving technology in the industry.
“Software in the automotive supply chain presents a major risk,” Synopsys concludes.
Consumer safety groups have previously raised concerns that driverless cars in particular may be vulnerable to hacking. And in the United Kingdom, hackers have already successfully stolen both Tesla and Ford vehicles by manipulating the keyless entry systems. The latter company recently unleashed its driverless Fusion vehicles on the road in Miami.
Smart home devices
If thoughts of a car that is remotely controlled by hackers has sent you running back inside, keep in mind that hackers are also trying to access your household appliances.
A new study by the firm NetScout found that hackers typically try to go after “smart” household devices within the first five minutes that they are online because that is when they are still programmed with the factory passwords and usernames.
"Alarmingly, users now have less than 5 minutes from the point of install to change the factory settings,” Matt Bing, an analyst with NetScout, reportedly said.
Once consumers reprogram the devices, the risk of hacking goes down somewhat, but not entirely.
Last month, hackers who go by the names Giraffe and j3ws3r broke into different strangers’ Chromecast TVs and displayed a message on the screens urging the strangers to follow the comedian PewDiePie on YouTube.
In the future, cybersecurity experts predict that hackers will also break into smart thermometers to demand Bitcoin ransoms from consumers.