More than half of British and German drivers are concerned with the safety of connected cars, and manufacturers see a three-year security lag, according to research published this week.
The report, commissioned by cloud-based security firm Veracode and produced by the International Data Corporation (IDC), focuses on vehicle security and driver privacy with the rise of the connected car.
IDC conducted interviews with British and German drivers as well as car makers such as Fiat-Chrysler, Seat, Scania, Delphi and German industry body ADAC.
BI Intelligence estimates that by 2020, 75 percent of cars shipped will have the necessary means to connect to the Internet. The main worry here is hackers infiltrating and taking control of such cars.
This is certainly possible, as Jeep proved last year when its research team managed to hack into a Cherokee model while it was driving at more than 70mph on a US freeway,
Drivers are particularly sceptical of the security of in-car technology such as adaptive cruise control, self-parking and collision avoidance systems and what would happen if they fell victim to a cyber-attack.
86 percent of the drivers polled in the research believe that all areas of safety – which includes their cars being vulnerable to cyber-attacks – should rest with manufacturers alone.
As well as this, all the manufacturers interviewed have worries themselves. They fear that critical in-car systems could become exposed to applications they did not develop, which renders the possibility of their cars leaving their control.
While this is the case, they don’t have any real worries around driver data privacy, contradicting what drivers think. 43 percent are concerned about this topic, especially as applications are constantly integrating.
Connected cars and security afterthoughts
Chris Wysopal, CTO of Veracode, said: “What we’re seeing happen in the auto industry is a microcosm of what’s happening in financial services, healthcare and virtually every other sector – applications are not created with security in mind, creating a major area of risk.
“Exposing a car to the Internet makes it vulnerable to cyberattack due to poorly written software, which could render the car unstable or dangerous.
“Building a secure application development programme is a significant challenge for manufacturers, which is compounded by the need to do so under the microscope of government regulated safety standards and liability concerns.”
Jonathan Hewett, head of strategy at Octo Telematics, sees huge potential for connected cars but believes that the need to protect data is crucial.
He told Internet of Business: “The car is rapidly evolving from a simple mode of transport to a personalised information hub: with the connected-car market currently growing at a five-year compound annual growth rate of 45 percent.
“With the proliferation of connected cars, computers will increasingly have the ability to control every function of our vehicles. This is a hugely exciting opportunity for car owners – in terms of insurance alone, the ability to collate and analyse real-time driver and vehicle data is enabling some of the world’s leading insurers to reduce connected users’ insurance premiums by up to 30 percent.
“The need to protect data in the shift to connected, driverless and autonomous cars is implicit and those behind the connected car movement must operate to the highest levels of system security standards. A user-focused, security-first approach to every layer of the connected car will be essential.”