Wards Auto is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

The post-pandemic economy is pummeling auto sales, but the new generation of vehicles is also creating waves. People who spend all day using smartphone apps want their vehicles to have similarly responsive, information-rich interfaces and accessibility. This results in cars with more embedded computer code than fighter jets.

Manufacturers are scrambling to balance consumer demands while keeping models secure. In 2020 the United Nations adopted the UNECE WP.29 Cybersecurity and Cybersecurity Management Systems (CSMS) regulation that applies to 50 countries including the European Union, Russia, Australia and Japan and will address cybersecurity concerns to protect consumers.

Europe, which has a lengthy approval process for new models, is implementing rigorous cybersecurity rules that apply to all vehicles sold in the European Community. Current laws do not yet require vehicle cybersecurity in vehicles sold in the U.S.

Manufacturers have spent $300 billion on autonomy, connectivity, electrification, smart/shared mobility and other vehicle technologies. But automobiles, like any connected device, are vulnerable to hacking. In the past decade, cars have become increasingly interconnected, creating numerous opportunities for exploitation.

Imagine looking out your window to see your car running, with doors open and lights on – steps taken by a hacker moments before someone was poised to slip behind the steering wheel and steal it. Such a scenario is possible and could become more likely unless manufacturers carefully weave cybersecurity into the design and testing of each vehicle. 

The National Transportation Safety Board recommends integrating more security measures into vehicle designs. However, the safety protocol is developing more slowly than the interconnectedness of cars. The European Commission requires new security steps by 2024 but those are optional for U.S. manufacturers. American automakers must meet various emissions and safety standards, but none currently address cybersecurity.

Experts say hackers could hold vehicles for ransom in the future, locking up systems until the owner caves to their demands.

Some of the ways vehicles are connected include:

Increasingly, vehicle-to-vehicle communication meant to reduce crashes, is vulnerable to hacking because it may lack processes for securing such messages. It is currently possible for malicious actors to send messages to vehicles that could alter their course or cause the auto-braking system to activate.

Experts say there are now more software engineers than mechanical engineers in the automotive industry. As vehicles become increasingly sophisticated, manufacturers must ensure that security keeps pace with innovation, including:

The future holds great potential for automotive innovation, but with it comes great responsibility. The industry is facing new terrain that must be navigated carefully, with security goals given the same priority as technology development.

David Lukić  (pictured, left) is an information privacy, security and compliance consultant at IDstrong.com .

More information about text formats