Lessons to Learn

It is hard to miss the frightening headlines about car hacking scenarios.  But in reality, there’s more to automotive cyber security. Hackers may be individuals seeking financial gain, or groups that have an issue with a particular brand, and even state actors who see vehicles as gateways to massive personally identifiable information (PII) hauls. The threat scenarios will vary, but stealing data is the most likely motivation.

The real stories we’ll see will look like this: a hacker lurks in back-end systems and vehicle networks to extract data and sell it or holds it for ransom. A nation state’s cyber offense team manipulates indicators, like a gas gauge, to sow confusion and distrust among drivers, undermining a particular company’s brand. Unlike the attention-grabbing research done by white hat hackers—like the 2015 Jeep hack or Zubie vulnerability identified in 2014 – future hackers won’t simply focus on headline-grabbing vehicle takeovers. They’ll seek to take advantage of this irresistible mix of personal, payment, and behavioral data that our connected cars increasingly collect.