According to a report by U.S. computer security software-maker McAfee, increasingly computer-dependent cars could soon become a hacker target. But software-selling fear-mongering only masks the real threat: It's you.
The report, released last night entitled "Caution: Malware Ahead (PDF)," warned security is lagging as vehicles are increasingly enhanced with embedded chips.
"As more and more functions get embedded in the digital technology of automobiles, the threat of attack and malicious manipulation increases," said McAfee senior vice president and general manager Stuart McClure.
"It's one thing to have your email or laptop compromised, but having your car hacked could translate to dire risks to your personal safety," he added.
Yes, and I can't imagine why a company that makes security software would have a vested interest in pushing out a report designed to scare people into believing their cars will be the target of vicious hackers. Oh wait, yes I can — to sell software to them. And don't get me wrong, we're victims of that fear too. We've run stories like "How Hackers can use smart keys to steal cars" and on CarShark Software.
But setting aside that fear-mongering, McAfee's senior vice president does raise a good point — with the modern-day driver now becoming more and more dumbed down, and the modern day car becoming more and more involved in the driving process while simultaneously becoming increasingly integrated with personal communications and infotainment devices, there are all sorts of new opportunities for problems to happen. But it's not malware or a trojan horse that's the real problem — it's the drivers now dependent on those features, functions and soporific and/or distracting infotainment choices.
Although researchers have demonstrated that computers controlling functions in automobiles can be hacked if attackers get into vehicles and, in some cases, from afar, a much greater issue is the decreasing connection between the car, it's movements, and the driver who is purportedly supposed to be in control. This was the problem that we found during the Toyota "unintended acceleration" mess. We dubbed it "Beige Bites Back." It turns out we were right — driver error was the single largest factor causing accidents dubbed "unintended acceleration."
One of the factors we laid the blame on was the continual adding of features — or "feature bloat" — which the report also details as a problem, saying that "the automobile industry is continually adding features and technologies that deliver new conveniences such as Internet access and the ability to further personalize the driving experience. However, in the rush to add features, security has often been an afterthought." You know what else has been an afterthought? Teaching people how to drive without the need for more gadgets and technology over-complicating the process.
But while the report ends by saying there were no indications that hackers have yet taken advantage of computer vulnerabilities in cars, we can be assured that drivers have already been bitten by the "beige" bug. Won't a focusing of our energies on stamping that out end up solving both problems?