Cyberhacking: cars, automakers and dealerships

Cyberhacking: cars, automakers and dealerships

Itês been quite a month for vehicle cyberhacking. Fiat Chrysler, General Motors and Tesla have had their cars remotely controlled by hackers, and 1.4 million Fiat Chryslers were recalled. NHTSA issued a strong warning to the auto industry. One poll found that a majority of consumers are worried about car hacking. And dealerships, one expert says, are as vulnerable to cyberattacks as large businesses like Target.

The Fiat Chrysler incident, with two hackers remotely taking control of a Jeep Cherokee and sending it into a ditch, has been well publicized. More recently, a hacker was able to remotely control a Chevrolet Volt, and GM had to issue a security update for a smartphone app to fix the problem.

NHTSA had strong words for the auto industry. –Itês a warning basically that whether it happens again tomorrow or a month from now or a year from now, it doesnêt matter these are areas we have to address,” NHTSA Administrator Mark Rosekind told reporters, according to the Detroit News. –Everybodyês been saying cybersecurity. Now you have to step up.”

The Alliance of Automobile Manufacturers and Association of Global Automakers are developing an information sharing center on cyberhacking that is scheduled to begin by the end of the year. But Rosekind said, –Theyêve got to do it now.”

In early August, after Rosekindês remarks, two cybersecurity experts remotely took control of a Tesla Model S sedan and stopped the car at 5 mph. The automaker quickly issued a software patch to fix the problem.

A recent survey by Kelley Blue Book found that 72 percent of Americans were aware of the Jeep Cherokee hacking, and 41 percent will consider that incident when buying their next car. Nearly 80 percent said vehicle hacking will be a frequent problem in the next three years or less.

The vast majority think the car manufacturer is most responsible for securing a vehicle from hacking. An impressive 64 percent would prefer to go to a dealership to get a carês security patch installed rather than do it themselves.

More than half of respondents said they would be willing to pay for a monthly subscription to ensure their car would be completely protected from hacking, with $8.00 the average they would be willing to pay.

Thereês clearly plenty of reason to be concerned about cars being hacked. Small businesses like dealerships may well be vulnerable to cyberattacks, too, says Tony Petcou, channel manager at Nuspire Networks, a managed-network security service provider (OK, not a completely objective source). A column he wrote for WardsAuto says that small businesses often have fewer data protection measures and limited budgets and resources devoted to cybersecurity. Petcou recommends that dealers develop a cybersecurity program for all levels of security at their store, such as IT, financial services and vehicle inventory.

Download Bulletin PDF