Market researcher Gartner says there will be 220million connected cars on the road in 2020 and these will be at risk of security breaches. Unlike hacking an individual PC, for example, all cars of a particular model will be vulnerable if a 'backdoor' can be found that allows someone to access that model's control system. Imagine the consequences if, say, 1million cars suddenly turn into unguided missiles.
Joel Fabbre of Green Hills Software noted last year, after a 'zero day attack' in the US allowed a Jeep Cherokee to be controlled remotely: "If you're a hacker, you look for scale. If a hacker could launch a coordinated attack, it could be massively damaging."
One system, from Karamba Security, is said to detect and prevent in real time anything not explicitly allowed to load or run on an ECU, including in memory attacks. Symantec, meanwhile, is deploying machine learning to monitor traffic on the CAN bus, learn what is normal and respond to what it believes is 'anomolous activity'.
One thing is clear - security cannot be an afterthought. Car makers need to design security in from day one - and it's likely that more than one layer of protection will be needed.
