Keeping Hackers Out of Your Car
There’s no doubt that the Internet of Things is making life easier, more convenient, and even safer. IoT-connected thermostats save energy and protect that planet, while connected lights and outlets let you turn appliances on or off even when you’re not home.
It saves consumers money in wasted electricity, and prevents them from coming home to a dark house without having to needlessly burn a lamp all day. Many of the connected innovations currently in use have come from the automotive industry, who is undoubtedly making huge strides in the development of “futuristic” transportation. With everything from cars that update themselves to maintain optimal efficiency and safety performance, to cars that will drive themselves and hopefully reduce the number of auto accidents, cars of today already rely heavily on a network of connectivity.
And that’s what has a few lawmakers concerned. What do you do when a hacker breaks into your car’s computer and takes control? What if a hacker installs ransomware and takes over your vehicle entirely, putting you and others in life-threatening danger unless you pay up?
These might sound like science-fiction scenarios, but in the era of digital crime, nothing is too far-fetched, especially when some of the latest vehicles have as many as forty computerized features that can be accessed remotely. Last July, two “white hat hackers” (individuals who put their insanely good hacking skills to use for the benefit of society) demonstrated this danger when they remotely connected to a Jeep Grand Cherokee’s computer and took over the speed, the brakes, and other crucial and non-critical systems. This led to a recall of over one million vehicles in order to secure the UConnect entertainment system that enabled the breach.
Legislation was introduced last summer in order to mandate that the automotive industry tighten the controls on this kind of access in order to keep the driving public safe. United States Senators Edward Markey and Richard Blumenthal co-authored the SPY Car Act, which stands for “Security and Privacy in Your Car,” in an effort to establish industry standards for vehicular cybersecurity.
One of the chief criticisms of our world of connected devices is that we tend to introduce a new IoT gadget or gizmo, and only later do we find out how a cybercriminal can use it to do harm. Even when the fault is unintentional there’s the potential for harm, such as when thousands of Google Nest thermostat users woke up one morning early this year to find that their thermostats were dead due to a glitch in the latest software update. Some experts have warned of dangers that haven’t yet happened but that are all too easy to envision, such as life-threatening concerns over IoT insulin pumps and pacemakers in the medical field.
With legislation like the SPY Car Act and standards currently being authored for connected medical devices, consumers should gain a greater awareness and appreciation of the great possibilities—and the potential for harm—of the Internet of Things.
Anyone can be a victim of identity theft, anyone can use our services, and anyone can help us help others. If you found this information useful, please consider donating to the Identity Theft Resource Center to help us keep our services free to the public.