Waking up and dragging yourself out of bed on a Monday morning is hard enough. Imagine, on the long, road-rage-inducing ride to work, your car is suddenly taken over by a remote hacker and you lose control. Your brakes stop working, your car starts turning, and maybe you even lose control of your radio – now Miley Cyrus is playing (yikes!).
Your frustrating ride to work has just become nearly catastrophic, and it all comes down to a lack of software protection in your car’s "soft" wiring. Recently, Chrysler has found that their cars are vulnerable to these types of attacks, stemming from a wireless service that connects the cars to Sprint’s cellular network. According to an article released by CNN, the risk for vehicle hack attacks was discovered in 2013, but exponentially increased with the introduction of wireless connectivity that is now standard in every new car. At first, the hacker can access your air conditioner, radio, and navigation system. However, once inside, they have a terrifying amount of access to your car’s ability to drive – your brakes, steering wheel, and gas pedal are all at the hacker’s control.
Now, I can assume between your fearful breathing and paranoid research of your car’s ability to fight these hackers, you’re thinking, “How could this have happened?” The answer is simple. When companies release their own software, they often do not use the proper amount of caution when analyzing the code for flaws. What companies like Chrysler are quickly realizing is that when their products become part of the connected network, they also become a target. Just like your computer, phone, TV, alarm system, and everything else in your life that is connected.
Cyber security is complex and has many layers. Protecting products like connected vehicles is no easy task, but it’s one that is absolutely necessary, considering the industry’s accelerated movement towards self-driving cars and the injection of more technology into your vehicle ... yikes! Application security is one of those important layers in a holistic cyber security strategy, and PSC’s customers are able to avoid such incidents from originating within the application layer by leveraging our industry-leading software security forensics.
Before you go out and buy a '69 Camaro or old Chevy Impala, realize that companies like Chrysler are very aware of such vulnerabilities and are working with their supply chain to ensure new processes and policies are in place to protect their customers in the new connected automobile world. Keep on the lookout for upcoming announcements of Chrysler’s proactive movement in this area [wink ... wink].
PSC Vice President