Transport cybersecurity: how a car can be stolen from a computer

Transport cybersecurity: how a car can be stolen from a computer

Transport cybersecurity is the security of personal data shared by a user with a transport device or transport data aggregator. Today, “smart” systems surround us everywhere: they control highways and railways using monitoring platforms, monitor and prevent traffic jams as navigators, and are responsible for the safety of passengers and drivers inside cars.

All these systems use controllers and sensors that allow you to keep in touch with external data sources. In practice, it turns out that the more communication a vehicle has with the outside world, the more vulnerable it becomes to cyberattacks from outside, and the more it needs a special protection system.

Such technologies are used by Tesla, whose electric cars travel around the world. Today you can even use the Tesla lease Dubai, for example, and check it out for yourself. The rental service will offer a wide range of fully functional models at reasonable prices so that you can experience a high-tech rental experience. And all this is for best possible rental prices on the market.

Growth in the number of cyberattacks and the motivation of criminals

Since 2020, the number of cyberattacks worldwide, according to Positive Technologies, has increased by at least 20%. The most common tool was ransomware (63% of cases). The increase in the number of cybercrimes is also due to the fact that people began to spend more time at home during the pandemic, and for some of them cyberattacks have become a kind of entertainment.

First of all, cybercriminals are interested in money in exchange for the data of a particular user or company information. Encryption viruses are often used for these purposes – programs that completely block the operation of various systems, most often with a ransom demand. 

For example, in 2021, hackers attacked the information systems of the American division of Kia Motors in a similar way and demanded a ransom of 404.5 bitcoins for decrypting the data. The viral outage affected UVO Link mobile apps, phone services, payment systems, and official and internal portals used by dealerships.

How to get into the car and what can be done with it remotely

In 2015, researchers Charlie Miller and Chris Valasek became concerned about cybersecurity issues and began to investigate this topic on a Jeep car. As a result, they found a vulnerability in the telematic navigation unit, with the help of which they remotely “climbed” inside the car and decrypted the messages that went over the secure network. 

Miller and Valasek were able to remotely take over control of the car: they began to play around with windows and wipers, and then completely threw the car into a ditch. They could adjust the speed and turn the steering wheel: this was the first serious public case – after it, the auto industry began to look at cybersecurity more seriously.

Today a hacker who found the “key” to the telematics unit could no longer control the steering wheel and brakes. Previously, the blocks inside the car worked through some kind of central bus; now they are divided among themselves according to their functions and can depend on each other only within their framework – without interaction with the central axis.

How to protect yourself and your car

The most important thing when detecting a cyber attack is to stop its spread inside the car in time. To combat this problem, many countries already have a mandatory physical security certification, and an additional mandatory cybersecurity certification.

The commercial sector is also developing solutions to combat cybercrime: For example, in 2019, Jaguar Land Rover partnered with BlackBerry to use its cybersecurity software in all of its new vehicles. Under the terms of the cooperation, BlackBerry is also helping to identify potential vulnerabilities in vehicle security systems, including drones.

In addition, Panasonic and McAfee have begun similar developments: the companies agreed to build an operational vehicle security control center for telematics units or autopilots in order to detect and respond to attacks in time. The mechanism that underlies it prohibits all unauthorized actions. So, if the navigation system suddenly wants to increase the speed to 200 km / h, then this activity will be blocked automatically.

Conclusion

Modern cars are increasingly reminiscent of high-tech gadgets. They are stuffed with computers and multimedia systems, intensively exchange data with cloud services, other cars, and road infrastructure. The digitalization of transport adds to the usual dangers the risks associated with cyber threats. In this sense, the future of road transport cybersecurity is very important.