Cybercrime and Cars?
The world is becoming ever more connected. Nowadays, fridges, televisions, and even doorbells are becoming 'smart' and are being connected to everything else through the Internet of Things (or IoT). The cars that we drive are no exception, with smart features now considered as being standard as opposed to add-ons like they once were.
It might sound a little strange, but as the automotive and transportation industries get smarter and more connected, they also become more exposed to cybercrime!
Having everything connected to cyberspace provides a lot of convenience to users, but it also comes with its fair share of risks. One such risk is the danger posed by cybercriminals like hackers, identity thieves, scammers, and more. It's easy to assume that cybercriminals only target computer systems and large databases, but this is far from the truth. With the automotive industry and cars connecting to cyberspace, these things can also be targetted by cybercriminals for their own benefit.
But what do cybercriminals gain by exploiting cars, drivers, and the automotive industry as a whole? Personal data and money are two common motives behind this. Generally speaking, cybercriminals want to steal your personal data (such as credit card information) which they can then exploit for financial gain. Also, as we'll see below, cybercriminals are looking to extort large amounts of money from companies in the automotive industry.
Let's take a look at some general ways that the automotive industry, car fleets, and even drivers like you can be exposed to cybersecurity risks.
The Automotive Industry
At the industrial level, the automotive industry is lead by huge manufacturers with high-tech facilities producing cars at a massive scale. Like any other company, they're exposed to cybersecurity threats such as data breaches and 'ransomware'.
Data breaches are quite straightforward. These are incidents where hackers break into a company's system to steal valuable and private information to be sold on the black market. This sort of stolen data could be useful for competitors who are trying to find out their trade secrets or how they conduct their business and manufacturing practices.
Ransomware, on the other hand, is much more damaging. This is when hackers take over a company's entire computer system and demand payment for it to be released back into its owner's control. Furthermore, there's also the risk that even if the car manufacturer paid the ransom, they still wouldn't regain control of their systems. This can be especially damaging to car manufacturers who follow strict production deadlines but are forced to stop production until they regain control of their computer systems.
On the road, groups of cars are sometimes connected together to form fleets. These include corporate car fleets driven by employees of a company, rented car fleets operated by rental companies, and more. By enabling all these fleet cars with telematics technologies, companies can keep track of where these cars are at all times. For security reasons, these connected fleet cars can also be immobilized remotely if they're ever stolen, so they may be located and recovered quickly.
Unfortunately, these features can also be used against the companies who own them. If a cybercriminal were to break into the systems managing these car fleets, they'd be able to know the exact location and movements of each of those cars. As we've learned in the last section, this kind of information could potentially be useful to competitors who buy it on the black market. Worse still, cybercriminals could cause chaos by immobilizing those vehicles in the middle of the road using the same systems meant to protect them.
Drivers and Passengers Like You
Cybercriminals don't just target large organizations, they also target random individuals. As a car owner and driver, pay closer attention to contact points that a lot of different drivers share, such as petrol pumps and electric car charging stations. These locations are targetted by criminals with remote devices that capture your credit card information when you swipe or wave them to make a payment. In Malaysia, electric car charging terminals are still rare, but with time they'll become a more common feature everywhere.
Believe it or not, identity theft can also happen when it comes to ride- and car-sharing. By using your identity and details stolen from somewhere else, cybercriminals could be using ride- and car-sharing services for free and charging it to your account.
While car manufacturers and fleet owners are responsible for protecting their users from cybercriminals, you can also take some basic steps to protect yourself. For starters, be wary whenever you swipe or wave your credit cards to make payments and look for suspicious devices at payment terminals. Additionally, keep track of your ride- and car-sharing accounts for suspicious activity and report anything unusual as soon as possible.