Skip to main content

It's a scene straight out of a horror movie: you're driving along a road when – suddenly – the radio volume increases, the air conditioning blows full blast and the car windows start going up and down, all on their own. And right before the steering wheel turns sharply out of your hands, you realize you're no longer in control.

This is exactly what happened in July when two hackers took over a 2014 Jeep Cherokee driven by a writer for Wired. It was an experiment involving all three to see how far a vehicle with Internet capability could be controlled by a remote party. But while Fiat Chrysler Automobiles, the maker of the Cherokee, came under fire for the apparent breach of security, the possibility of this happening to other manufacturers is growing with the introduction of more and more Internet- and wireless-connected on-board systems, forcing auto makers to focus not just on vehicle security, but data security as well.

Markus Haut, FCA's press officer for Jeep in Europe, said at the Frankfurt Motor Show last week that FCA has already delivered a software update to close the door the hackers used.

"This issue was underestimated by the entire car industry," he said. "These safety updates are necessary on a regular basis. This has not been a case in the auto industry so far, because it was not very usual that cars have been connected to the Internet, but now they are."

But software isn't going to block the hackers entirely. Vehicle controls and infotainment systems have to be separated, something that FCA now realizes.

"We had these connected in the U.S. for service reasons," Haut said. "The car transmits data related to the on-board diagnostics so that a technician can read it when you bring it to the dealership for service.

"We had this connection between the Internet transmitter and the data bus, so what we've done is completely cut the connection, and now if the hacker comes he might be able to control the radio but he can't touch the steering or the brakes."

Also in Frankfurt, Jaguar unveiled its F-Pace compact crossover, which the company says will be the most connected Jaguar ever. Its infotainment system acts as a hotspot with a SIM card, able to support up to eight devices. Peter Virk, Jaguar's head of connected technologies and apps, says the company is taking added steps to ensure its systems are protected from cyber attacks.

"Security is a high priority with Jaguar," he said. "We make sure that our systems are both firewalled and protected, so one system doesn't necessarily talk to the other. And we use the latest updated encryption.

"We constantly like to monitor and check our systems to make sure we have the latest levels of security, patches and so forth."

To help the auto industry combat hacking, the computer company Intel recently announced it has established the Automotive Security Review Board, a group of cyber security experts that will test and audit systems and recommend solutions and standards for auto makers concerning connected vehicles. These standards and protocols will become even more important with the advent of autonomous cars and vehicle-to-vehicle communication, where each car communicates with others with data such as speed, location and traffic congestion. The drive systems – brakes, throttle and steering – in these cars will have to be tied to an Internet- or wireless-based network, which opens the door for even further havoc from a malicious hacker.

"Imagine this system exists and all cars are driving autonomously, imagine what a hacker could do," Hauf said. "Everything that can be controlled by software in the car can be controlled by software outside the car. It's a system weakness, and the auto industry has to solve this."

Like us on Facebook

Follow us on Instagram

Add us to your circles

Sign up for our weekly newsletter