In our last blog, we explored four layers of cybersecurity risk in mass transportation. The same fundamentals apply to today’s automobiles and electric vehicles, but with key differences in both the data infrastructure and the implications of those threats.
In many ways, personal vehicles and their connections with mobile phones are even easier to thwart than public transit systems. Have you read the story about the German artist who caused a traffic jam by pulling 99 smartphones down a street in a wagon? Google Maps thought those phones were cars, so diverted drivers onto an alternate route (which became congested).
Hackers Can Compromise Connected Cars
In 2020, more than half of the cars sold globally came with standard internet connectivity and Bluetooth technology to connect other devices. In addition to hacking a vehicle’s computerized security system, bad actors now have multiple entry points to access all kinds of personal information stored on a connected mobile phone. The three largest potential threats to connected cars include theft of the vehicle, unauthorized access to user information, and cars performing unwanted actions, such as shutting down certain systems while in use.
The basic technology used in key fobs can be cheaply and easily recreated using such common electronics as old Nintendo Game Boys. So it’s easy to imagine what hackers can do with more sophisticated tools.
Mobility as a Service (MaaS) Ride-Sharing Platforms
Both drivers and passengers connect to ride-sharing apps that collect GPS and payment information during their trips. But, in many cases, those apps may continue to monitor users’ locations and access their credit card numbers in between rides.
With so many drivers and passengers connected to a single network, the possibilities for exploitation are vast.
Supply Chain Security and Trade Secrets
While it may not be of much concern to vehicle owners, manufacturers are definitely vulnerable to unauthorized access and sharing of proprietary information. Computerized machinery across the enterprise, as well as third-party suppliers, are both potential access points for cybercriminals.
In addition to theft of intellectual property, bad actors can sabotage the production process causing factory slowdowns, part failure, and stolen customer data.
Electronic and Autonomous Vehicles Are Vulnerable
It bears repeating: with increased connectivity and convenience comes more opportunity for foul play. Connected, Autonomous, Shared, Electronic vehicles are being developed by several different companies, and 5G technology will play a big part in their success.
These vehicles will have a different risk profile from the others we have discussed: they create intersections between the charging infrastructure, commercial EV fleets and power grids that must be monitored. By 2028, vehicle-to-everything (V2X) communication will be used in all new vehicles, enabling communication between vehicles via 5G, as well as infrastructure, pedestrians, cyclists, and other elements for road safety purposes.
Every company with a hand in vehicle-based mobility, from suppliers to cellular providers and ride-sharing apps, shares the responsibility of protecting people on the road. As we move forward with new innovations and our fast-paced lives grow even more connected, our security has to be just as robust and seamless—and just as much of a priority—as technological advancement.
Before you take the next step into the future of 5G, get in touch with our cybersecurity experts to create a plan for your company’s safety and that of your end user