We are behind in automotive cybersecurity in Canada. What now? – Electric Autonomy
As more vehicles plug in, connect to the internet and swap data, a cybersecurity knowledge gap is emerging in Canada that is putting us years behind the rest of the world and which stakeholders aren’t addressing fast enough
It is common knowledge that we have never lived in a more connected world, which now increasingly includes vehicles, or, as some refer to them: computers on wheels. While this advance opens up a world of opportunities, it also presents some compelling and urgent safety concerns.
Today, behind the wheel of any connected vehicle lies a complex, murky and evolving web of rules, regulations and loopholes in transportation cybersecurity. Most countries, companies, policymakers and legislators around the world, including in Canada, are playing catch up with the rapidly advancing vehicle technology. The need to get cybersecurity regulations ahead of the curve is clear.
Sean Ho, Director of Business Development and President of Autocrypt North America
“Companies didn’t really know about the risks three or four years ago,” says Sean Cho, director of business development at Autocrypt, a South Korea-based cybersecurity firm, in an interview with Electric Autonomy Canada.
“Cybersecurity always comes at the last minute. When you are building connected infrastructure the first thing you care about is ‘Does it communicate? Does it work properly?’ Then, lastly, they care about security. But now with vehicles getting more connected, cybersecurity needs to be a top priority.”
Wide range of threats
In the not-so-near future it’s possible a connected vehicle could have thousands, if not tens of thousands of different connectivity points in a day. From chargers to syncing over Bluetooth to infotainment systems to GPS to communicating with other vehicles, pedestrians, cyclists and buildings on or near a road, the opportunities for a breach are copious.
Concerns in vehicle cybersecurity range from annoying to life-threatening. The spectrum extends from a car that has its infotainment system hacked and infected with viruses to malware that takes out charging services for an entire provider, to a vehicle that is remotely taken over to be used as a weapon on the road.
“[Electric vehicles] plug into the charging station and there is energy communication and data communication. There is the point where the charge point operator and the vehicle act as an open door for a potential data breach.”
Sean Cho, President of Autocrypt North America
Harken back to 2015 when hackers (luckily, the white hat kind) were able to hack and take control of a passenger-carrying 2014 Jeep Cherokee, remotely. The hack was part of a demonstration for a story in Wired, but the results were very real: over 1.4 million vehicles were recalled by Chrysler for a security update to fix the flaw and the company — along with the driving public — was given a sobering preview of the stakes, which in a real hack could have been much worse.
With so many potential threats both to vehicles as well as the ecosystem and supply chain, it is nearly impossible to imagine that any one entity can (or should) be responsible for cybersecurity. Instead, says one industry expert, the answer is in creating an ecosystem of safety.
AJ Khan, President of Global Syndicate for Mobility Cybersecurity.
“There’s a huge opportunity here, which is of consumer awareness, changing the mindset and letting them …….
Source: https://electricautonomy.ca/2021/11/02/vehicle-cybersecurity-canada/