Having a strong cybersecurity solution is essential in today’s connected world.
In 2019, millions of people who live in certain major U.S. cities, including New Orleans(1) and Baltimore, were impacted by major cyber-attacks that have even led to the declaration of a state of emergency as the hackers held vital city systems and information hostage to ransom payments. This same situation could happen on a car or an entire fleet of vehicles, endangering drivers and exposing automakers and end users to various safety and financial risks. The entire digital world today is vulnerable.
Within the next five years, it is expected that all vehicles manufactured globally will be connected and interacting with varying digital ecosystems, yet the question has been raised whether vehicles appropriately shielded from hackers and malicious software. The amount of data produced and exchanged is expected to skyrocket and so, too, are the security concerns.
Garrett Motion recently secured a contract to implement its cyber solution on a mass-market production vehicle to be launched in the coming months with a major global automaker. Garrett on-board and off-board software solutions help to safeguard vehicles from cyber-attacks while simultaneously identifying other relevant vehicle defects, and understanding their root causes.
Below is a Q&A with Garrett Senior Vice President & Chief Technology Officer Craig Balis about the company’s cybersecurity approach and its importance to the future of safe and reliable connected vehicles.
Why does vehicle cybersecurity matter and are vehicles protected today?
It has been demonstrated that today’s cars can be hacked. Hackers take advantage of unprotected entry points – like a key fob, Bluetooth connection or the diagnostic port that exists on every modern vehicle – to gain access to the vehicle’s on-board computer and inject malicious software that can mimic normal commands. This means a stranger near your car, or even on the other side of the world, can potentially unlock doors, roll the windows down, or even manipulate the brakes and other essential safety systems. But the risks extend past the physical realm – location data, personal information and more can be compromised if hacked.
High-profile “white hat” hacks, which are typically done by cybersecurity specialists to expose vulnerabilities, in recent years have prompted OEMs to address their vehicle’s cyber weaknesses. Although some automotive players have patched some vulnerable components, today’s vehicles were not designed with security in mind, and may not be technically capable of adopting the on-board cyber solutions needed to fully protect cars, as recommended by several standards around the globe.
Implementing an effective cybersecurity solution is not a one-off action – it requires constant updates and monitoring. In the same way a PC requires regular upgrades to its anti-virus software, vehicles require the same level of attention. Understanding the auto industry’s development cycles, sensitivity to cost and complex ecosystem, it will take several years before full detection, protection, reporting and update mechanisms could be in place on all vehicles.
Please click here to view the full press release.
SOURCE: Garrett Advancing Motion