Were Our Cars Born To Be Wild?

Jan Valcke, October 14, 2015

The lyrics, “Get your motor running, head out on the highway” may bring a lot more adventure in the future. Two security researchers wirelessly hacked a Jeep while it was being driven. They were able to take car hacking to the next level. They moved beyond dashboard functions and were able to compromise critical control mechanisms such as steering, transmission and brakes. The significance of this threat is off the chart. If you’re the victim of a hack against a retailer such as Target or Home Depot, your bank simply issues a new credit card and removes any fraudulent charges. If you’re the victim of a malicious automobile attack, the consequences could very easily be fatal.

As we enter a new era with smart-everything and virtually all technology items connected, previously innocuous objects from automobiles to medical equipment to home electronics could be hi-jacked for malicious purposes and with lethal consequences. The security implications are most significant. If a freelance hacker will launch a DDoS attack that can bring down a business today for just $5, how little will they charge in the future to execute an attack with the intent to kill someone, instigated by a jilted lover or business rival? And how will people possibly defend themselves?

There has been a lot of attention on the internet about this hack. I believe this is precisely because it made us realize that a new wave of potentially harmful attacks have moved from theoretical to proven. Hacking a car from a distance has always seemed like a bad plot from a James Bond movie. In the past, we read about the flaw in the security chip used in theft prevention by Volkswagen and Audi, and most remember the story about the cars that were honking out of control because an intruder fiddled with the vehicle’s web-based system, but the recent example of a car being hacked while driving on a highway makes us feel less safe.

Like with any other hack, there’s also an economical harm. Chrysler voluntary recalled 1.4 million cars because of this security flaw. Chrysler owners have received a USB device they need to plug into the car, which will load in the security patch. However, one recall will not change the fact that the number of connected cars, SUVs and trucks will increase spectacularly.  Forbes predicted that there will be more than 150 million connected cars on the roads worldwide by 2020.

The call for more security in the car industry has already been proposed by two US senators. They drafted a bill to require cars meet standards of protection against digital attacks and privacy. It is undoubtedly a good idea to put this issue on the political agenda. Imagine what will happen when we have computer controller cars? Car manufacturers have not designed cars with hacking in mind, but it is clearly time for them to adopt a new and safe approach before disaster strikes.

Jan Valcke’s resume reads like the history of strong user authentication itself. Mr Valcke was co-founder and member of the board of director of Digiline, the company that developed and marketed the first Digipass strong authentication tokens, back in 1991. From the early start on, Jan Valcke has