Buckle up: Security threats to connected cars get real

As our connected cars move from syncing our music to driving us home, drivers, passengers, and pedestrians are starting to wonder if they should trust these high-velocity death-mobiles with their lives.  It’s a good question.

Tesla, one of the leaders in next-generation cars, in July faced an open challenge from security researchers in China to identify cyber vulnerabilities — which reportedly was successful in only two days.  While this open source approach is admirable, it’s also telling.  Add the new driverless trials in the U.K. and the fact that the FBI has just started talking about deliberate misuse of our connected cars - for crime, terrorism and more - and it’s clear these threats are real.

In a recent cyber war game, players successfully disrupted a military supply chain for fuel and ammunition deliveries to a port by strategically placing a powerful roadside radio broadcasting messages that “all tires were flat” and to “shut down engines for safety.”  Many sensors currently transmit data in clear text, with little or no cryptographic verification of source.  Stopping cars dead can create traffic jams on command, cause dangerous accidents, lose critical transport conduits, or be part of a more coordinated attack.