Connected cars, like any device using the internet, are exposed to a range of vulnerabilities that most drivers dare not even contemplate.
Even without being connected, the digital technology in place is at risk from digital “hackers”, whether through the cloning of remote control key entry and engine starting or from malware introduced to internal systems via infected diagnostic tools at the local garage.
For owners and drivers of connected vehicles, there is no one currently willing to hold up their hand to take responsibility for protecting users’ cars, even if these cars are already connected and use information, entertainment or driver assistance services delivered via the car manufacturer, the owner’s mobile provider or their partners.
Deutsche Telekom’s role in the future of connected cars
Deutsche Telekom chose its recent Cyber Security Tech Summit Europe in the Germany city of Bonn to focus on this issue and sought to share its early work on cybersecurity protection for the car industry.
With so much digital technology on board, the connected car of the future will need constant protection from cyber-criminals looking to access its systems via the internet.
Deutsche Telekom is building a defence centre for the car industry to provide “digital bodyguards” for drivers based on the growing realisation that connected driving will not be possible without real-time cyber defence.
At its state-of-the-art security operations centre in Bonn, where experts protect the telco’s own extensive IT infrastructure and that of several DAX 30 companies (and many SMEs), 240 experts are at work fending off attacks around the clock.
They analyse hackers’ methods and capabilities, investigate their tactics, and perform IT forensics on criminal activities, reconstructing attacks and securing evidence. Data is also collected by 2,500 “honeypots” installed worldwide, designed to attract and expose hackers. With all the information gained, Deutsche Telekom is able to improve its own technology for cyber defence.
The company says that a defence centre for cars integrated into existing security operations centres (SOCs) would provide a number of advantages. Deutsche Telekom’s subsidiary, T-Systems, is already supporting the automotive industry in the development of connected and autonomously driving cars.
In a so-called “Car SOC”, the telecom company would combine its expertise in security with knowledge of the automotive sector, helping the industry gain valuable insights into the fight against car hackers. Deutsche Telekom benefits from its extensive knowledge about attacks on the companies it protects across all industries including those with critical infrastructures.
The way cyber defence systems work involves self-learning: if a hacker attacks a company, the SOC defends all its companies – in real time. The same applies to cars. If one car is attacked, the Car SOC defends its entire fleet of vehicles.
Despite Deutsche Telekom’s proactive approach, the question of who takes responsibility for protecting drivers against hackers remains unanswered. One recent survey cited by the company found that almost two-thirds of automotive industry executives in the US and Asia said they were considering the issue of security.
Wait, only two-thirds? “Considering” the issue? Europe hasn’t travelled much farther down this road: the membership of the ACEA (European Automobile Manufacturers’ Association) has in place a “plan” to discuss cybersecurity with the relevant authorities and industry players in the future.
It sounds like there is still some work to do on grasping the urgency of connected car security within the industry itself before Deutsche Telekom’s vision of real-time protection from Car SOCs can be adopted.
In the meantime, drivers may wish to ask their dealer the same question: who is responsible for protecting this connected car from hackers?
This feature was initially published on Verdict, which is part of the same group as NS Tech and GlobalData