Cybersecurity Experts Call for Industry Cooperation to Prevent Car Hacking

Carmakers must step up efforts to defend their next-generation vehicles against would-be hackers, according to a panel of experts speaking at a recent Automotive Press Assn. event in Detroit.

They point to the recently formed Information Sharing and Analysis Center for automotive cybersecurity as a good first step. Created by two multi-company international carmaker alliances, the new ISAC serves as a hub for companies to share information about cyber threats and solutions.

Rapid technology advances and the lack of standards for self-driving and connected vehicles has resulted in a “wild West” environment as companies vie to be first to market and attract new customers, notes panelist James Gisczak, an attorney for McDonald Hopkins’s Bloomfield Hills, Mich., law office. Liability will be a particular concern with the advent of automated functions, he warns.

Hackers also could remotely access a motorist’s personal and financial information or tap into connected infrastructure systems and businesses. Other concerns include industrial espionage and national security.

There’s a huge potential for data breaches with vehicle-to-vehicle and vehicle-to-infrastructure communications systems, warns Elena Farnsworth, CEO of Pontiac, Mich.-based Mobile Comply. Her company and others are working to train top carmaker executives, government personnel and consumers about the threat.   

Collaboration and transparency are needed to counter automotive cyber attacks, adds Tom Winterhalter, supervisory special agent of the FBI’s Detroit division. He says carmakers must employ vigilant training, share information with each other and work with law enforcement to identify and prevent security breaches. In addition to their own vehicle, Winterhalter says, consumers also should be careful about synching their smartphone with a rental car—especially when travelling overseas.

Linking a smartphone to a car could allow hackers to steal personal data to access bank accounts or conduct identify theft, points out Anuja Sonalker, vice president of engineering for TowerSec, an Ann Arbor, Mich.-based cybersecurity firm. “If you don’t need to connect your phone to your car, don’t do it," she advises.