Eugene Kaspersky, CEO and Chairman of the IT security product firm Kaspersky Lab, has called on business and the IT security industry to join forces to protect driverless, connected vehicles from emerging cyber-threats.
Kaspersky says: “We cannot afford to wait until the first attack takes place. This is about saving people’s lives. The real-time tracking, detecting, analysing and neutralising of cyber-threats that is currently in place for computers and mobile devices will not be enough on its own. Incidents will take just seconds to disable or destroy a vehicle. We have to find and close the vulnerabilities now before the technology is integrated extensively into mass market vehicles.”
Fictional cyber attacks have featured in Hollywood plots as far back as 1983 when WarGames saw a student hack military computers gaining the ability to start a Third World War. Live Free or Die Hard saw cyber terrorists hack the FBI creating a crippling cyber-warfare attack on national infrastructure. More recently, a plot in the US TV drama Homeland saw terrorists gain access to the Vice President’s pacemaker, accelerating his heartbeat, inducing a heart attack. Whilst these may seem implausible plots, they are far from a distant reality. In fact, former US Vice President Dick Cheney’s doctors disabled his pacemaker’s wireless capabilities to thwart possible assassination attempts. Global reliance on technology requires heightened awareness of the risks associated with it. The cyber criminals are exploiting technology for their gain and Kaspersky believes we need to wake up to the risks.
Kaspersky Lab analysts have undertaken a proof-of-concept study into the security of connected vehicles. They found several areas of risk; by obtaining a vehicle owner’s identity credentials, thieves would be able to remotely unlock and take possession of the vehicle. And by intercepting and tampering with mobile communications and over-the-air software updates cyber-criminals could transmit malicious code or, in the worst case scenario, send new and dangerous instructions to the vehicle’s software systems.
Kaspersky says: “In theory a vehicle could suddenly fail or be taken over and there is nothing the driver or passengers could do about it. Our research revealed basic failures in data encryption and password protection that, quite literally, leave the door open to criminals.
“Everyone involved in the creation of a connected vehicle – including policymakers – need to collaborate to ensure such points of weakness are overcome before the vehicle makes it onto the roads. Time is of the essence. The one thing we can be sure of is that however fast we go, the hackers will be just a few steps behind us.”
Visit www.kaspersky.com.
