Carhacking: how thrillers become reality
Carhacking is about to become a major security issue affecting many car owners. Find out why it’s emerging now, how it can hurt consumers, and what automotive brands can do to protect their cars and their customers from carhacking.
A guy sits in a dusty room surrounded by empty pizza boxes and chip bags. He furiously types away at a laptop, then presses “enter” and yells: “I’m in!” “In” means a car software four thousand kilometers away from him. Now he’s able to control said car, and as the driver looks bewildered on, red lights start flashing on her dashboard and the car swerves itself toward oncoming traffic.
What is this? A Hollywood blockbuster or real life? Unfortunately for us, both.
According to the definition published by TechTarget, “car hacking is the manipulation of the code in a car's electronic control unit (ECU) to exploit a vulnerability and gain control of other ECU units in the vehicle.”
Depending on the amount of functions a software controls in a car, this could mean anything from unnecessarily switching the “check engine” light on to life-threatening scenarios like swerving your car into a ditch.
Generally speaking, the newer and more high-end a car is, the bigger role software plays in its operation. For example, a vintage MINI classic 1000 from 1988 may be less susceptible to carhacking than a brand new Tesla or Audi fresh from the factory.
A new service by Volkswagen may greatly increase the number of hackable cars on the market. The German car manufacturing giant recently announced that from the summer of 2021, all software updates in its electric cars will occur remotely and automatically.
Smaller and more niche manufacturers like Tesla and BMW have experimented with remote software updates before. However, considering their market size and target audience, their actions haven’t affected the global market of car manufacturing to a large extent. But that is about to change.
Volkswagen is one of the largest producers of affordable cars worldwide, which means that their remote software updates will affect a considerable amount of car owners. Not to mention their competitors, who will most likely feel compelled to offer a similar level of service. Hence, the global market of electric cars is about to experience a turmoil.
On the one hand, that’s certainly good news. Instead of visiting your car dealership in person, your car can get the necessary software updates done automatically every three months. Just like a smartphone.
On the other hand, this is a massive opportunity for carhackers and any other person with malicious intent to get access to and control over your car - even from thousands of kilometers away.
Carhacking cases are already on the rise. In 2019, 176 cases were documented in the US alone, up from 78 in the previous year.
The aim of these attacks is usually theft, but there’s no doubt that criminals can come up with even more malicious uses of carhacking like terrorist attacks and kidnapping.
Not to mention that a potential combination of carhacking and self-driving cars brings the whole issue on a whole new level of scary. And with widely available advice on how to hack cars, as well as a rapidly growing supply of cars susceptible to such attacks, we can expect carhacking cases to increase quite heavily in the near future.
The automotive industry is already plagued by counterfeiting and grey market problems that could be further aggravated by adding carhacking to the mix. Hacked car software made available on the darknet could pose a serious safety risk for consumers, and cause significant losses of revenue and reputation for brands.
Counterfeited car parts are often made from subpar materials and are very dangerous, even lethal when in use. For example, low quality counterfeit brake pads made out of plastic can simply melt against the wheel during the first few uses. After that, you have a big lump of melted plastic on your wheels and no brake pads at all. Not exactly the best bargain you’ve ever made, right?
Hacked software bought cheaply off the internet can have similar consequences. What if your bargain software already has a bug in it that allows criminals to access your car within seconds?
While not because of carhacking, but we do come across stolen automotive software offered free of charge on various marketplaces. These listings undermine the manufacturer’s sales channels and steal their revenue. Since comprehensive usage of software in cars is still relatively new, many brands in the automotive industry might not have put first priority focus on IT security issues yet. Whether it’s an employee, hackers, or anybody else stealing the code, car manufacturers now face a new, digital threat in addition to the existing physical challenges like counterfeiting.
All of the above means that automotive brands need to stay ahead of the game and develop strategies and solutions against carhacking before it becomes a mainstream problem.
The automotive industry and online brand protection have a long shared history. Considering that fake products in this industry are not only damaging to brands but can cause serious accidents, even death to consumers, automotive brands like Audi have been dedicated to the fight against counterfeiters and other scammers for a long time.
globaleyez works with Audi and other automotive brands to minimize the amount of counterfeits and grey marketed products on the market. Our highly adaptable services and dedicated experts ensure that all our clients enjoy a comprehensive online brand protection program, regardless of their unique situation.
Our marketplace monitoring service covers over 150 online marketplaces worldwide, searching for counterfeited or grey marketed versions of your products. This can include hacked or pirated software as well, which is quite promising when it comes to carhacking. Our experts provide you with comprehensive reports and data filtered according to your needs, as well as advice on next steps.
Like a test purchase. To determine the origin of a product and the behaviour of a seller, we conduct test purchases in over 50 countries. Our court-admissible documentation leaves no data out and provides you with exact information about a particular product and its seller.
Our domain, image, social media, app monitoring, marketplace sales tracking and partner compliance services each cover a segment of online brand protection that is often invaluable for automotive brands. For example, a cybersquatted domain name, images of counterfeit car parts, social media ads promoting fake products, an unauthorized car racing app using your brand’s name, or a business partner dishonouring their agreement could all cause significant damage to your brand. We’re here to put a stop to it as fast as possible.
Finally, our enforcement service ensures timely action when it comes to the takedown of infringing listings, domains, images, ads, apps, and anything else that hurts your IP rights.
Treating a problem is often more difficult than preventing it.
Carhacking has yet to become a mainstream problem for the automotive industry. Which means that now is the perfect time to come up with preventative counter-measures and create a protective barrier that withstands future hacking attacks. Right now, the automotive industry has a great opportunity to stifle carhacking before it even truly begins.
Dear car manufacturing friends, all eyes are on you. But remember, we online brand protection experts are ready to help you in any way we can.