On the road, safety concerns everyone, even for drivers of connected cars. Even if connected and/or semi-autonomous cars offer a certain comfort on the road and manufacturers have made safety a priority, they are not without vulnerabilities. Indeed, the multiple repetitive accidents of drivers of Tesla connected cars have raised the issue of cybersecurity in these vehicles. In addition to wanting to ensure road safety – although contested – these vehicles equipped with the latest technologies collect confidential user/driver data that may be accessible to malicious people. With technologies that are still vulnerable, such as Autopilot, that can be hacked remotely, the security of these vehicles also concerns cyberspace.
One of the most talked about connected cars is Elon Musk’s Tesla car. In January 2019, Tesla promised a significant reward to anyone who could hack into Model 3 connectivity or driver assistance technologies. In order to strengthen the security of its IT systems and the various technologies used by Tesla, a Model 3 of the company was to be won. Although road safety is important, so is cybersecurity. After the multiple road accidents of Tesla cars, the Tesla Autopilot raised many doubts about its effectiveness. Finding breaches and bypassing the security of such a system ultimately means improving it. Hacking into a connected car would be fatal for drivers. In 2016, Chinese experts demonstrated that it was possible to hack a Tesla S 20 kilometres away. They were able to open the trunk, doors and even operate the brake. These demonstrations and research elements highlight high risks that would endanger drivers’ lives.
Beyond Tesla cars, the two-cybersecurity researchers, Charlie Miller and Chris Valasek, hacked into a Fiat-Chrysler from a remote location, forcing the manufacturer to make an update to fix the flaw. The piracy rate of connected cars is therefore constantly increasing. From keyless start systems to vulnerabilities in infotainment systems connected to the Internet via Wi-Fi or mobile networks, security researchers have demonstrated that a few dollars is enough to hack into the complex systems of connected cars.
Currently, these cars are connected at two levels, one for short-range connections (Bluetooth, RFID, Wi-Fi) and the other for long-range connections (including 4G chips), allowing data to be exchanged on cloud platforms and support services such as eCall. However, a new standard called “vehicle-to- everything (V2X)” will be introduced in 2024. This standard will apply with the installation of sensors on vehicles, which will be able to “communicate with each other”. This project to make cars into real “mobile computers” will offer platforms that are more connected and therefore more opportunities for attackers to act inappropriately.
These multiple simulated attack demonstrations reveal the vulnerability of such technologies, which are supposed to guarantee the lives of users. Semi-autonomous cars are not immune to remote hacking. They require more security since the lives of users are always at stake. Manufacturers have no choice but to consider cybersecurity in the construction of their vehicles. The future of connected cars remains uncertain, but one thing is certain, their safety is a priority and a procedure to follow before they are even marketed.