Backend Connected Vehicle Attacks are Taking the Lead

DAN SAHAR

VP of Products

November 4, 2018

Today’s cars are as reliant on data as they are on fuel and a good set of tires. The warning by the Society of Automotive Engineers that “It would be easy to say the modern car is a computer on wheels, but it’s more like 30 or more computers on wheels” has become a conservative estimate when you consider today’s connectivity challenges. As security risks start making headlines, OEMs are strengthening the protection they place around connected vehicles. But is the world of cyber-security offering the automotive industry enough protection?

OEMs are starting to make security a priority

OEMs are increasingly aware of how important it is to build cyber-security measures into their connected cars. Shifting left on security and creating more secure vehicles is part of achieving a strong security posture for the automotive industry. However, as an overall strategy, it has a few inherent flaws –

Front-end security does nothing to protect vehicles that are on the road already

When you design security built for vehicles, you’re always going to be one step behind active challenges in cybersecurity. The cycles of design and production for OEMs take several years, so in-built security features like automotive chips or subsystems can never hope to keep operating fleets or even on-road individual vehicles safe in real-time.

Protecting the individual vehicle ignores the majority of the risks

Whether it’s a connected vehicle service, a telematics unit, a mobile app or an OBD dongle, the security hazards will never all be within the confines of a single vehicle and its schematics or manufacturing. Take for example researchers who used a WiFi dongle to access the headlights of a Mazda from more than 3,000 miles away.

While OEMs can focus on creating trusted boot sequences, firmware and secure storage and hardware on their side, or use next-gen security like micro-segmentation to develop principles of least privilege for their own servers, recent research has proven that network connected applications are amongst the most common vulnerabilities for connected cars. This could be bad news for OEMs, as backend security is not nearly as developed yet, and there has traditionally been a lack of tools on the market to protect them. In fact, only 1/8 OEMs have any capabilities at all to diagnose a hacker attack that uses their wireless communication systems.

While companies struggle to find solutions to protect them, the risks are increasing. Only earlier this year, flaws in third-party services caused Telematics company Calamp to unwittingly provide access to vehicle location and security controls to hackers, risking more than 7 million connected users.

Endpoint security alone is not the answer

No business would consider employing anti-virus on their office computers without data center and network protection. OEMs need security solutions that are in the thick of it – able to reside on the network itself and inspect all data sources, no matter where they come from: telematics traffic, mobile application data, and even external information and protocols from context or behavior. Whichever solution you employ must be able to correlate all of this data to uncover threats that go further than one individual car.

Centralized automotive security views data from both ends

A cloud-based centralized security system is the only way to collate a holistic view of your entire fleet, utilizing the benefits of Big Data and Artificial Intelligence without limits on resources such as memory or CPU. As your centralized security system is on the cloud, there’s no need for software updates on the vehicles themselves. Protection is applied centrally through cutting-edge automation, removing the threats of insufficient patch management or security breaches due to faulty updates.

This holistic security approach also allows OEMs granular insight into the behavior of multiple vehicles. While one car turning off its headlights is not newsworthy, 100 doing this all at once could be cause for alarm, as seen in one example where hackers remotely disabled dozens of vehicles at once by attacking the immobilization system. In-vehicle security cannot detect this threat, but centralized security can.

Front-end security improvements represent an important step in the right direction for automotive safety. However, it’s only by gaining visibility into all data sources and being able to correlate them in real time on one centralized dashboard that OEMs can build a true picture of the threats that vehicles and drivers are facing today.

Newsletter Icon

The 2025 Global Automotive & Smart Mobility Cybersecurity Report

Newsletter Icon

Subscribe
to our newsletter

Stay up-to-date on the latest trends, emerging risks, and updates

Proactive Quality, Powered by AI: A New Era for Automotive Manufacturing

As global markets tighten and margins shrink, the automotive industry finds itself at a crossroads: how do we balance innovation with efficiency? Nowhere is this…

Read more

Beyond CVEs: Why Automotive Cyber Threat Intelligence Must Cast a Wider Net

The recent volatility of CVE funding is a wake-up call for the automotive industry to rethink its risk and threat intelligence strategy. In the world…

Read more

Agentic AI in Action – How Service-as-a-Software Is Reinventing Automotive Cybersecurity Operations

In my previous post, I explored the paradigm shift brought on by service-as-a-software and agentic AI – and what it means for the future of…

Read more

From Services to Software – What the Agentic AI Economy Means for Automotive Cybersecurity

We are at the dawn of a new era in software and service delivery – one where the traditional boundaries between human expertise and digital…

Read more
Skip to content