TrustPoint Blog

Consumers Need to Take Charge to Demand Better Security

After surviving a harrowing experience at the wheel of a hacked vehicle, WIRED journalist Andy Greenberg shared his insight in to what can be learned from these exploits. Automakers, OEMs and regulators all play a role in implementing systems and protections that can protect vehicles from hacking. Consumers may play the biggest role by rewarding the companies who show they are paying attention and making improvements.

In the July hack, when two researchers, Charlie Miller and Chris Valasek, attacked a Jeep Cherokee from a remote location, they wanted our attention. They wanted to dramatically demonstrate the vulnerabilities of connected cars.

Back in 2013, the pair hacked a Ford Escape and Toyota Prius from the back seat. While it got attention, it was dismissed because the dashboard had to be dismantled and the hacker, sitting in the back seat of the car, was not exactly inconspicuous.

Their return in 2015 demonstrates that vulnerabilities continue to be exploited, and now hacking can happen from anywhere.

The point of these hacks is not to put everyone in a panic. They do serve the purpose of alerting both the public and automakers that security for connected cars is a necessary and constant concern.

One viable approach is for automakers to partner with researchers/hackers who can constantly monitor systems for vulnerability. The article holds Tesla up as an example for having a program that encourages and rewards researchers for reporting bugs.

Greenberg also stresses the need for automakers to build systems that can respond to bugs quickly, while also keeping systems within the cars from connecting with each other. Josh Corman, the co-founder of I Am The Cavalry, is quoted in the article as saying, “Internet connected infotainment systems shouldn’t be able to talk to brakes and transmission.” He calls this approach “preparing for failure.”

The final point of the article is on the role of consumers and regulators. In the US, as a result of the hack, the National Highway and Traffic Safety Administration pressured Fiat Chrysler into recalling 1.4 million affected vehicles. At the same time, two senators, Ed Markey and Richard Blumental, have released a bill that will force automakers to disclose the security and privacy of their vehicles at the point of sale.

While these are welcome steps, consumers have the biggest role to play by demanding the best in security. Rewarding companies that pay attention and constantly improve will put the necessary economic pressure on their competitors to do the same. If it costs them customers, automakers will have no choice but to react and respond.

About this Blog

The TrustPoint Blog covers security industry topics relating to Certificates, Elliptic Curve Cryptography (ECC), Machine-to-Machine (M2M) Communication, Near Field Communication (NFC), Vehicle-to-Vehicle (V2V) Communication, and more.

Recent Posts