Cybersecurity is a cause for concern across all transportation segments.
A consumer generally faces just the automobile aspect of cybercrime vulnerabilities but this is equally true for aviation, road traffic management, navigation for shipments, metro, buses, railways and even pipeline systems.
Pritam Shah, Assistant Vice President - OT / IoT Security, Inspira Enterprise, explained to Mobility Outlook about the risks associated with cybersecurity threats like DDoS (distributed denial of service) attacks, embedding viruses, spoofing, phishing, malicious attacks, etc.
Although there are strong countermeasures in place, the automotive industry cybersecurity ecosystem is still in its nascent stage. “A vehicle may be hijacked with the driver losing control and causing a massive accident. Serious personal injuries may also occur via these cyber-attacks,” he said.
Most modern vehicles, especially electric cars, are already connected to their home bases for updates, upgrades and specific requests. Multiple assist features with steering and braking technologies can open up vulnerabilities. These security gaps may exist right from the
manufacturing side as malicious code may be embedded into the on-board computer, or during the vehicle operations side through connected features and the GPS system.
Another crucial point of entry for hackers is the charging network for electric cars. As the entire charging grid is connected along with the vehicle, these could well be exploited to cause cyber damage.
In India, it is very difficult to determine who is at fault: the driver or vehicle. Shifting to smart cities and smart traffic management system could only make things difficult in terms of hijacking vulnerabilities that in turn can cause traffic chaos.
“Government mandates are in place to equip necessary failsafe in embedded firmware and software for cyber-attacks,” said Shah. Standards like ISO 21434, ISO 26262, ISO/IEC 27001 etc have ensured cyber safety of vehicles through the communications and applications layer.
Risk Assessment
Manufacturers also carry out extensive risk assessment of vehicles to determine the kind of vulnerabilities that may compromise any system. OTA-updated systems pose a lot of risk as updates open backdoor passages for hackers to get in and exploit firmware vulnerabilities. Connected systems also carry a lot of driver personal data.
An entire gambit of regulations thus dictate inherent security features in the firewall to be added to fend off any such attacks. This includes a third party constantly monitoring data which springs into action when something is detected.
“At the end of the day, it is the consumer who has to face these challenges and needs to be protected. Spreading awareness becomes paramount here as the end-user is the weakest link in this chain,” said Shah. With the introduction of payment gateways in vehicle screens, there will be another set of challenges for security and consequently more regulations.
Inspira Enterprises itself has a lot of services being offered to optimise cybersecurity right from strategising and engineering solutions to analysing and preparing for future attacks. More than 60% of the business is attributed to cybersecurity. Engineers are able to understand specific requirements by clients and can design long-term solutions for various applications.
Also Read
Global Automotive Cybersecurity Market Size To Touch $6 Bn By 2028