In today’s connected world, we take great care to protect ourselves from hackers and other threats to our cybersecurity. We protect our computers and our smartphones, but have you thought about your vehicle? The Federal Bureau of Investigation (FBI) issued a report to select private companies saying that automakers were the leading targets for hackers in 2018.
A report by CNN, which obtained a copy from the FBI, states that “the automotive industry likely will face a wide range of cyber threats and malicious activity in the near future as the vast amount of data collected by Internet-connected vehicles and autonomous vehicles become a highly valued target for nation-state and financially motivated actors.” CNN further reported that an FBI spokesperson would not comment on details in the report, but noted that “in furtherance of public-private partnerships, the FBI routinely advises private industry of various cyber threat indicators observed during the course of our investigations.”
This is not a new threat but it is an increasing one. As early as 2015, Fiat-Chrysler issued a recall of 1.4 million vehicles due to software security issues. General Motors also had a recall on a software app just last year when it was brought to light that hackers could control some systems in the Chevrolet Volt.
The FBI report warns that automotive companies have been victim to ransomware attacks. It pointed out that one company paid the ransom, but the hacker never released the stolen data. Ransomware can be devastating to an individual or an organization. Anyone with important data stored on their computer or network is at risk, including government and law enforcement agencies, health care systems, or other critical infrastructure entities.
While wireless features are not new to today’s vehicles, the recent addition of Wi-Fi hot spots and satellite communications make these systems more vulnerable to cyberattacks. A report by Reuters states that the FBI bulletin T”warned that criminals could exploit online vehicle software updates by sending fake e-mail messages to vehicle owners who are looking to obtain legitimate software updates. Instead, the recipients could be tricked into clicking links to malicious websites or opening attachments containing malicious software.”
