Daily Bulletin

The Conversation

  • Written by Tanveer Zia, Associate Professor in Computing, Charles Sturt University

It’s common to hear modern cars referred to as computers on wheels. They boast sensors that measure fuel and braking, along with built-in navigation and infotainment systems. These digital systems could be hacked and Australia needs to preemptively tackle this threat.

Compromised vehicles present unique issues. Besides putting people at serious risk, these smart cars often hold personal and confidential data such as driving patterns and routes, as well as corporate data and geolocation logs. And as cars become autonomous, they’ll rely increasingly on code and connectivity, making them potentially more vulnerable.

Read More: Cyberspace aggression adds to North Korea’s threat to global security

In response to the danger of hacked cars, the UK Department for Transport recently issued cybersecurity principles for smart car manufacturers and retailers. The principles, which cover accountability and training among other concerns, aim to prevent “hacking and data theft”.

Australia should introduce similar guidelines.

Can cars be hacked?

These days, many smart cars tend to have electronic control units connected with sensors and wires, as well as with Bluetooth and wireless systems that allow it to get online.

There are several components in a smart car – such as GPS, Lidar (light detection and ranging), video cameras, radar sensors, and ultrasonic sensors – that communicate with its computer. A security breach of these components could provide hackers with a doorway.

In other words, many cars are now “cyber-physical” systems, and there have been plenty of hacking incidents so far.

In 2016, hackers showed how the Nissan Leaf could be hacked from anywhere in the world via mobile app and web browser.

In 2015, two cybersecurity researchers demonstrated a remote attack, taking control of a Jeep Cherokee and sending it off the road. The FBI later issued warnings about car hacking via remote exploits.

Hackers Remotely Kill a Jeep on the Highway—With Me in It.

Again in 2015, hackers exploited a vulnerability in BMW’s ConnectedDrive technology and showed how they could exploit it to unlock the cars.

In another similar attack in 2016, hackers remotely unlocked Volkswagens.

Cybersecurity guidelines for the smart car industry

Many countries are beginning to recognise that the car industry needs to meet cybersecurity standards.

In 2016, the US Department of Transportation introduced cybersecurity best practices for modern vehicles. They encourage companies to follow the National Institute of Standards and Technology’s cybersecurity framework: identify, protect, detect, respond, and recover.

The UK’s key principles promote car cybersecurity governance at the board level.

It also looks at risks specific to the supply chain and urges manufacturers to consider the security of car software and firmware, as well as ensuring secure data transfer and efficient response mechanisms if a breach occurs.

The European Union Agency for Network and Information Security also published Cybersecurity and Resilience of Smart Cars earlier this year, which provides a list of good recommendations. These include a focus on communication protection, access control, cryptography and user data protection.

Do Australian cars need cybersecurity rules?

With manufacturers introducing smart cars in Australia, it’s time for similar, enforceable guidelines to be introduced locally.

In smart cars, many components are not designed with security in mind. A car’s electronic control unit, for example, as well as its infotainment system and locks, may have strong access control. An electronic key, a passcode or biometrics are often used.

But what if an attacker took advantage of a vulnerability in a tyre pressure reporting system or sensor-fitted headlights and used it to gain control of the entire vehicle?

Read More: Cyber attacks ten years on: from disruption to disinformation

Any guidelines should address all of the car’s potential vulnerabilities – each piece of software running in a smart car should have its own security measures in place.

The guidelines must also address cybersecurity compliance, not just for manufacturers, but for repairers and parts suppliers as well. Compliance and audit control will ensure that all stakeholders in the supply chain follow the best security practices.

The guidelines should also ensure smart car manufacturers have patches and updates available for their customers as part of their continuing post-sale service.

Guideline compliance should also become part of a car’s annual registration renewal process to ensure everyone’s security and safety. As autonomous vehicles arrive Down Under, it’s time to get out ahead of the risk.

Authors: Tanveer Zia, Associate Professor in Computing, Charles Sturt University

Read more http://theconversation.com/australias-car-industry-needs-cybersecurity-rules-to-deal-with-the-hacking-threat-82268

Writers Wanted

Victorian Health Minister Jenny Mikakos quits, lashing out at Daniel Andrews


What would Amy Coney Barrett, Trump's pick for the Supreme Court, mean for abortion rights in the US?


Body fat deep below the surface is a toxic risk, especially for your heart


The Conversation


Did BLM Really Change the US Police Work?

The Black Lives Matter (BLM) movement has proven that the power of the state rests in the hands of the people it governs. Following the death of 46-year-old black American George Floyd in a case of ...

a Guest Writer - avatar a Guest Writer

Scott Morrison: the right man at the right time

Australia is not at war with another nation or ideology in August 2020 but the nation is in conflict. There are serious threats from China and there are many challenges flowing from the pandemic tha...

Greg Rogers - avatar Greg Rogers

Prime Minister National Cabinet Statement

The National Cabinet met today to discuss Australia’s COVID-19 response, the Victoria outbreak, easing restrictions, helping Australians prepare to go back to work in a COVID-safe environment an...

Scott Morrison - avatar Scott Morrison

Business News

5 Ways a Printed Marquee Can Help You Sell More at Markets

If you’re a local business owner, you probably already know that outdoor markets are a great way to reach customers and sell your product. If you already have permanent premises, they allow you ...

News Company - avatar News Company

5 Essential Tools for Working Remotely in 2020

The average, modern office worker spends 8 hours a day, 5 days a week in a company building. Since the start of COVID, however, many of these companies have allowed workers to work from home due...

News Company - avatar News Company

What happens to all those pallets?

Pallets — they're not something everyday people often give much thought to. But they're an integral part of any business which receives or distributes large quantities of goods. But once the goo...

News Company - avatar News Company

News Company Media Core

Content & Technology Connecting Global Audiences

More Information - Less Opinion