An internet connection is rapidly becoming standard in cars. And hackers are catching on. What can we do to protect connected cars?
You're in the middle of the highway and, suddenly, the brakes block, the door locks jam and the steering wheel stops responding. It's an entirely realistic scenario because ever more cars are equipped with internet access, allowing them to provide digital services such as music streaming on the go, but also turning them into targets for hackers. The automotive industry is working hard on safety solutions for connected cars to prevent malicious manipulation turning them into a major security risk on the road. The standardization organizations ISO and SAE and even the United Nations are also working on vehicle cybersecurity standards. The two most important safety measures are the secure design of the vehicle and the digital environment and a Cyber Defence Unit monitoring vehicles around the clock.
Car security by design
Whereas cars used to be designed primarily with driving safety in mind, today IT security must also be a basic principle in their development. That means: Security by design. One key measure is incorporating a gateway into the on-board network, a sort of firewall that checks which devices are allowed to communicate with each other. For example, if the radio tries to send a command to the brakes the gateway intervenes to block the message. But it is not just cars' on-board electronics that require protection, the entire IT and communications infrastructure around us, including the mobile network, the manufacturer's data center or third-party infotainment apps, all need to be secured.
Security Operation Center for cars
There's no such thing as infallible security. That's why cars need a cyber bodyguard once they're on the road: a Security Operation Center (SOC) for cars. The Center keeps an eye on vehicles throughout their life and fends off potential cyberattacks. To make this possible, information from the entire road ecosystem flows together in a central IT system. This includes, for example, data from the vehicle, backend and mobile communications system, as well as knowledge about hackers' current strategies and tools. Using fixed rules, the system scours the data for signs of cyberattacks and sends alerts. Security specialists then review these alerts and initiate countermeasures in an emergency. SOCs have long been standard in the IT world. Deutsche Telekom, for example, operates one of Europe's largest and most modern Security Operation Centers.