Car hacking should be considered a national security issue, as hackers can “kill millions” of people using hijacked cars, warned an expert. Deaths are inevitable within five years if car manufacturers do not rush to solve cybersecurity issues and fix vulnerabilities in technology, Justin Cappos, a computer scientist at New York University, was quoted as saying to thetimes.co.uk on Monday.
“Any car built since 2005 could be controlled remotely by hackers with some cars built as long ago as the year 2000 also at risk. Hackers could already be causing accidents without the authorities realising it because no one was looking for the evidence,” Cappos said. “If there was a war or escalation with a country with strong cyber capability, I would be very afraid of hacking of vehicles.”
Once a vehicle’s internal computer network is hacked, the hackers would be able to tamper with key functions, including the braking system, power steering and locking mechanisms. “Many of our enemies are nuclear powers but any nation with the ability to launch a cyber-strike could kill millions of civilians by hacking cars. It’s daunting,” Cappos said.
In 2015, cybersecurity experts had in a shocking revelation said that there were a series of bugs in Chrysler’s Jeep Cherokee, which could take control of the car’s dashboard, locks, brakes and windscreen wipers. As a result, Fiat was forced to recall 1.4 million vehicles in the US for updates.
Industry bodies have however, thwarted Cappos’ claims, saying that work is already well underway to help prevent major hacks from taking place. “Billions are invested to stay ahead of criminals and new cars have never been more secure,” a spokesperson for the UK’s Society of Motor Manufacturers and Traders was quoted as saying to the ibtimes.co.uk on Monday.
Rob Wainwright, the executive director of Europol, tweeted: “Cyber security is clearly a big issue but it’s unlikely to be taken seriously by sensationalist comments like this.” Nevertheless, car hacking can pose a serious risk in the coming years as in recent years, multiple road vehicles have been found to be susceptible to cyberattacks.
In March 2016, an investigative report produced by International Data Corporation (IDC) and commissioned by security firm Veracode found that it could be years before adequate cybersecurity protections are put in place. “The industry is just beginning to debate cybersecurity issues surrounding connected cars. Manufacturers (said) that it will be one to three years before connected car systems are implemented with full consideration of such concerns,” the report found.