Every time you get in a car, you’re putting your life in your own hands.
But how about putting it in the hands of the Internet?
The latest Jeep hack shows that the popularity of Internet-enabled devices now extends to our roads, and it’s not all modern convenience.
Hackers are keeping up with trends in embedded technologies, continually looking for new ways to exploit these newly-accessible items.
An Industry in the Slow Lane
As connected devices take to the road, it’s becoming apparent that security is a big step behind. According to a 2014 report by HP, “Internet of Things Research Study”, up to 70 percent of Internet-enabled devices contained vulnerabilities involving password security, encryption and permissions.
While a hacked toaster might sound trivial (if not somewhat annoying), a hacked car holds even more dire consequences – namely, the ability to maim and kill.
Recently, Chinese hackers found themselves able to take command of many key functions of a Tesla Model S – headlights, wipers, sunroof, door locks and horn, presumably via its mobile app.
As this month’s WIRED Jeep demonstration showed, total control can be enacted on the vehicle from many miles away. Perhaps the most worrying is the ability to turn off the car’s engine, steering, brakes and other vital functions.
According to an HP study from 2014, the top security flaws of connected devices included collecting user information, failing to use passwords, or having insecure firmware or web interfaces.
Stemming the Influx
So, what is being done about Internet of Things safety? Well, sadly – not much. Even though Jeep has issued a patch for the issue, it’s not entirely known how many Jeep and Chrysler models might be affected.
Moreover, you can’t help but feel that this patch is merely a band-aid for some of the wider-reaching implications on the entire automotive industry.
The reasons for these security blunders are disappointing, but telling. Many Internet-connected products have yet to reach a truly wide audience, leading developers to disregard the importance of security.
Even well-established organisations often fail to spend adequate time or resources on security, let alone the tiny startups who make up a large faction of Internet of Things companies.
Eventually, though, we will reach a point where security can no longer be ignored, perhaps even becoming a barrier to the widespread adoption of connected devices.
Are you an early adopter? If so, ensure your Internet-enabled devices are always running the latest firmware, keep your user account (if your device has one) protected with a strong password, and change any default settings your product came with when you purchased it.