Justice Dept. Attorney John Carlin called for cooperation between automakers and federal officials to thwart terrorist hacking of vehicles.
Carmakers have to be ever more alert to the threat from outside hackers and even terrorists, the U.S. Department of Justice’s top national security attorney, John Carlin, said during the opening session of the Society of Automotive Engineers annual meeting in Detroit.
“What brings me here is this is an industry that’s on the cusp of not just an evolution but a revolution in how are cars operate, how they talk to each other,” said Carlin, noting that experts estimate more than 220 million vehicles will be able to connect to the internet by the year 2020.
Carlin said automakers will not only have to beef up their own protection against external threats but they will also have to collaborate more closely with law enforcement and national security officials to ensure that the nation’s transportation system is not put in jeopardy.
“Sharing information and intelligence between law enforcement is not enough,” he said. “With the ingenuity and development taking place in your hands … the infrastructure of the internet in your hands, to combat threats against it, we’re going to have to work together.
“That means … telling you what we see in terms of threats and calling on your ingenuity to figure out ways to protect” against them, he added.
Until recently, carmakers had been slow to react to the threat posed by hackers who have long attacked other sectors of the economy from banks, retailers and casinos. The general feeling among the industry’s engineers was that since each vehicle’s electronics were basically sealed off, they were immune to cyber threats.
(Toyota teams with Clemson grad students on uBox concept. For more, Click Here.)
However, the rapid introduction in recent years of connectivity that allowed motorists to reach the internet has forced carmakers to take the cyber security of each vehicle more much more seriously.
Delphi, the big electronics supplier, confirmed it invited hackers in to challenge its systems publicly more than two years ago and other companies routinely use “red teams” – a term borrowed from war games to identify at opposing force – to attack systems and prototypes as part of the effort to improve the security of the internet-connected systems that are now some of the most important selling points in new vehicles.
(Click Here for details about the FBI’s warning about cyber hacking of vehicles.)
Carlin noted during his SAE speech the new technology now being designed into cars has the potential to save lives, but could be exploited by terrorists, who have become more and more skillful at using for pure evil modern technology designed to help people or make life easier or more interesting.
“Within each of those cars will be hundreds of different systems, each essentially computers in the car, and connected wirelessly,” he said. “What we can see based on the threats we’ve seen in other industries and other areas is those who oppose our values — be they rogue nation states or terrorist groups — are looking to exploit this change in technology,” said Carlin.
(Terrorists could use autonomous vehicles as car bombs, expert warns. For more, Click Here.)
Carlin noted cyber threats also can do huge damage to a company’s reputation. Sony was the target of cyber attack traced to North Korea but still suffered serious damage and the reputation of Target was seriously damaged because of the poor security by a third-party vendor. In addition, many companies “don’t even bother to contact us” and will pay off a cyber bully rather than risk a publicly damaging incident.