Mr. Robot wants to drive your car.
But the Golden Globe winning drama’s fictional team of hackers is not nearly as dangerous as the real people who might try to take control while you’re driving, according to cyber security experts speaking at the Automotive Press Association luncheon Tuesday in Detroit.
“It’s going to happen,” said Tom Winterhalter, supervisory special agent, FBI Detroit Division, cyber squad. “There are groups out there that will want to try.”
While there are no cases of cars being taken control of on open roads, last year’s demonstration by two scientists hacking into a Jeep Cherokee and taking it over showed that it was possible. It also led to Fiat-Chrysler recalling 1.4 million vehicles to fix the software weaknesses.
Vehicles may become even more vulnerable in the future because they will work with more and more technologies, said Elaina Farnsworth, CEO of Mobile Comply.
“There will be new connectivity and converging technologies happening all at the same time,” she said, pointing to potential weaknesses in cars.
Cars have already become extremely complex with computers running many systems behind the scenes; according to supplier Continental, a typical new car has about 90 electronic control units. Steering, braking, and acceleration on many vehicles is controlled electronically and, potentially, has the chance of being overridden with a skilled and determined hacker.
“Other industries are much more advanced dealing with hackers,” said James Gisczak, attorney at McDonald Hopkins and cyber security specialist. Those industries, such as retail and healthcare have experience thwarting hackers, whereas the auto industry does not.
For years, automotive development has been a closed industry, where carmakers have shared little information with other carmakers, Farnsworth said. Now, to deal with cyber security, they will need to work together more often.
“One thing carmakers will have to consider is to do things like Tesla and provide more direct software updates,” she said.
Hackers could come from a wide range of groups, Winterhalter said. They could be from foreign countries looking to steal trade secrets, terrorists hoping to cause fear or thieves hoping to profit on stolen information.
The best way to stop them will be diligence, the group said. There will be a need to constantly monitor, improve and prepare for potential cyber threats. Last month, General Motors joined Tesla as the only two automakers pledging to work with security researchers to identify weaknesses—instead of threatening even “white-hat” hackers with lawsuits for tampering with a vehicle’s code.
Drivers will also need to make sure their vehicle is secure from cyber attacks by ensuring their vehicle is updated with the most recent software. The potential for a vehicle to get hacked will only increase over time and the more sophisticated a vehicle’s internal parts become.
“You can build your home as safe and strong as possible,” Winterhalter said, “but there’s always going to be someone who wants to try and break in.”
If they do, hope they only toy with your windshield wipers or change your radio station. While the threat remains something in the future, it’s a future that is right around the corner.