Vehicle Security the Next Great Aftermarket Issue

During the technology boom of the 1990s, I spent a considerable time writing about and investigating issues surrounding security and privacy. In those nascent days, security issues such as hacking were typified by such movies as WarGames and Gibson’s novel Neuromancer. Companies spent little on security and most people thought little of privacy. Today, privacy concerns loom large for many and companies spend millions on cyber security.

The aftermarket seems immune from such concerns. Nobody wants to hack a car.

That is going to change. A team of hackers working for the U.S. military demonstrated how a modern vehicle can be electronically broken into. The team of hackers were able to remotely cut the vehicle’s brake system, kill the engine and do such mundane things as pop the trunk and start the wipers.

Last year, I came across a story about an ambitious gang of car thieves who managed to steal several high-end vehicles from dealerships. They discovered a way of hacking into the vehicles and remotely unlocking the doors and starting the engines. Once that was all done they were able to drive the vehicles off the lot without any problems.

Automakers are now looking to add more electronics into vehicles, going well beyond mere telematics. Vehicles will be equipped with systems that will seamlessly connect passengers to the Internet, allowing them to access emails or to stream movies to any number of handheld devices. Others are looking to work with governments to develop vehicles that use this Internet connectivity to ‘speak’ with each other. If there are dangers on the road ahead, a vehicle accident or weather related slowdowns in traffic, vehicles can communicate this information to other vehicles and their drivers.

The problem is that such connectivity results in numerous points of entry for hackers, whether to access private information or to meddle with vehicle systems. Automakers and governments are now trying to come up with ways to secure these systems. Some automakers are proposing establishing security centres whereby automakers can exchange information about vulnerabilities and develop means of jointly preventing attacks on vehicle systems.

For the aftermarket, service shops will now have to become aware of vehicle cyber security when resetting systems and servicing vehicle electronics. Vehicle makes will soon have to include security updates in technical service bulletins for service technicians, along with other technical information. Then there are legal issues. If a vehicle system is hacked and private information is stolen from devices, does fault reside with the vehicle maker, the service operation or the vehicle owner?

While vehicle cyber security is still something new, it will become an issue that service operations will have to become experts on.