• Bluedrop Insurance Blog
  • Awareness of connected cars and the threat of cybersecurity

    Connected cars cybersecurity

    In the automotive sector cybersecurity threats are increasingly more complex and with the integration of connectivity the risk to fleets brings the need for greater precautions. The integration of connected automotive systems continues to compromise security measures with cyber attackers always being one step ahead.

    With the emergence and promise of more autonomous and driverless cars by 2020, the threat only increases the questions around cybersecurity. As more and more parts of the vehicle become connected the possibility of hackers controlling the vehicle or any one of its component parts poses greater threats.

    How connectivity increases cybersecurity risks

    Potential entries of attack are increased with wireless connection which affects vulnerable aspects such as unlocking and starting the vehicle as well as diagnostic monitoring. As additional devices are increasingly added to your fleet vehicles via Bluetooth, WiFi, USB or through diagnostic ports the level of risk increases. With this risk  you also need to be aware that in may cases your fleet insurance policy won't stand if there is no physical sign of forced entry to your vehicle should items be stolen.

    It is important therefore that precautions are taken to only connect trusted devices and be aware that vulnerabilities are high where data can be accessed and downloaded, or systems can be taken over and controlled. Obviously, once on vehicle is accessed a hacker can quickly access an entire connected fleet and have an open door to your internal business systems. Fleet security is key as it is notoriously easier to access a fleet of the same vehicles rather than a group of individual vehicles.

    Commercial fleets are an easy target

    The commercial trucking industry as a perfect example where the industry is powered by connectivity technologies that allow platooning, accident avoidance, preventative maintenance and lowered driver turnover rates. With a common communication standard across many trucks and HGVs it makes a scalable solution for cyber criminals all the more easy. With fleet operators relying on telematics functions such as routing and remote diagnostics to stay competitive there is no escape from the requirement for connectivity, but more needs to be done to keep the technology robust.

    What makes it worse is that attack methods are also not limited to the physical proximity of the vehicle, and an attacker can connect to the car remotely. It is even possible to access a vehicle completely remotely and disable the breaks, manipulate steering, acceleration and GPS.

    How to reduce the cybersecurity risk

    Clearly a secure design does not guarantee security over time and it is therefore important that OEMs designing vehicle technology, such as infotainment devices, need to work to minimise software security bugs and to allow for patch updates to be easily integrated. Over-the-air updates are available for some cars, helping to counter attacks quickly before they are exploited.

    Many manufacturers of connected vehicles and parts are starting to invest heavily in security to safeguard vehicles from the very first stages of design, not to mention considering levels of in car distraction. Security needs to be considered as a core functionality rather than lagging behind the technology which continues to develop at an intense pace. Whilst the internet is full of advantages and benefits to autonomous vehicles, the threats imposed by cybercrime are greater. Each connected component should go though careful testing with limited access to the vehicle network being available.

    As fleet vehicles advance so do the cybersecurity risks, and it is important to understand the weak spots and to try to avoid them and integrate new systems that have been designed with security in mind.

    Whilst prevention is better than cure, it is also important to make sure your fleet is properly insured against such possible attacks as nobody can predict the future.

    Want to find out more about Bluedrop's Motor Fleet Insurance?
    Return to blog menu