Connected cars vulnerable to mass cyber attacks: Report

LOS ANGELES • A consumer advocacy group has warned that carmakers are rolling out new vehicles that are increasingly vulnerable to hackers, which could result in thousands of deaths in the event of a mass cyber attack.

In a new report titled Kill Switch: Why Connected Cars Can Be Killing Machines And How To Turn Them Off, Los Angeles-based Consumer Watchdog said cars connected to the Internet are quickly becoming the norm, but constitute a national security threat.

"The troubling issue for industry technologies is that these vehicles' safety-critical systems are being linked to the Internet without adequate security and with no way to disconnect them in the event of a fleetwide hack," the report said.

It said industry executives were aware of the risk but were nonetheless pushing ahead to deploy the technology in new vehicles, putting corporate profit ahead of safety.

The report was based on a five-month study with the help of more than 20 whistle-blowers from within the car industry.

The group of car industry technologists and experts speculated that a fleetwide hack at rush hour could leave about 3,000 people dead.

"You can control all sorts of aspects of your car from your smartphone, including starting the engine, starting the air-conditioning, checking on its location," said one of the whistle-blowers, who did not wish to be identified.

"Well, if you can do it with your smartphone, anybody else can (do it) over the Internet."

  • 3,000

    Number of people who could be killed during a fleetwide hack at rush hour, as speculated by a group of more than 20 car industry technologists and experts.

The report recommends that all connected vehicles be equipped with an Internet kill switch and that all new designs should completely isolate safety-critical systems from Internet-connected infotainment systems or other networks.

"Connecting safety-critical systems to the Internet is an inherently dangerous design," said Consumer Watchdog president Jamie Court.

But Ms Gloria Bergquist, a spokesman for the Alliance of Automobile Manufacturers, the leading advocacy group for the car industry, suggested that the report was aimed at creating hype ahead of a cyber-security event in Las Vegas.

"Today, cyber security is a priority for every industry using computer systems, including (cars)," she said in a statement.

"Automakers are taking many protective actions, including designing vehicles from the start with security features and adding cyber-security measures to new and redesigned models."

She said consumers must be vigilant to avoid falling prey to hackers.


A version of this article appeared in the print edition of The Straits Times on August 03, 2019, with the headline 'Connected cars vulnerable to mass cyber attacks: Report'. Subscribe