A recent demonstration hack performed on a Chrysler jeep sheds light on the greater need for a protection that goes beyond just a firewall system to something more far-ranging in scope in an age of connected devices and appliances.
Experts recommend that the auto industry reconsider its approach toward security by targeting the strategy of hackers. That means developing a security protocol that tries to identify an attack and predict its behavior before it can be used by the bad guys.
Experts believe the automakers are lagging behind in keeping the operational security of their connected vehicles safe from attackers. The lax security measure among the players in the auto industry is said to emanate from the confident assumption that hackers will face difficulty in penetrating the security infrastructure of the connected cars.
That assumption has been shattered when a team of researchers successfully hacked through the head unit of a Chrysler model. The unit is called UConnect, which serves as the perimeter security for the vehicle. During the demonstration, the vehicle’s cellular network connection was used to gain access to the Chrysler’s control area network, which functions as a gateway to the car’s electronic parts. Access to CAN helps to locate electronic messages that control certain components of the vehicle such as the wheel, brakes, acceleration and other crucial parts. The messages on CAN bus are easy to predict, according to one of the researchers.
And this vulnerability could spread to other types of vehicles as the network of connected cars become increasingly linked, thus making it easier for attackers to penetrate whatever system they want to target.
Admittedly, the growing adoption of connected, self-driving vehicles poses greater threats to passengers. So there is, as well, a greater need to protect the computer systems of these connected vehicles from any form of attack. It is now a crucial task.
The researchers have already shared their findings with Chrysler and the automaker has released a fix for the security flaw in the head unit of the vehicle. For users, the software patch must be downloaded and saved in a flash drive before updating the Chrysler Jeep’s software with the fix.
But other potential risks may still be in existence that could replace the remote flaw presently in question. According to the researchers, there is hardly a method for securing the computer system of a vehicle, therefore other security holes could be found in the Chrysler sooner or later. The same prognosis goes for other vehicle brands.
