Commercial vehicles – the next target for cyber attacks?
author: Mia Bevacqua
There's been a lot of hype around passenger cars and trucks being hacked. Commercial vehicles, though, could pose even more of a threat. Think of the havoc a digitally hi-jacked big rig, or bulldozer, could cause. Cyber-criminals who have attacked governments and corporations are beginning to see commercial vehicles as a useful target.
Connectivity leads to vulnerability
Most modern commercial vehicles are connected, just like their civilian counterparts. As such, protecting them from digital attacks is becoming a necessity. Fortunately, commercial vehicle companies can build on the defenses created by other industries.
Experts generally agree that there must be multiple layers of commercial vehicle security. Every aspect of the vehicle – from a single processor to the overall machine – must have its own line of defense. That way, no matter how deep hackers dig, they can't take control.
This layered architecture would use a range of technologies. Each would be built into the vehicle design, instead of being added on after development.
Open source provides pros and cons
Before, commercial vehicles used connections that were largely proprietary. This made each make and model a time consuming, unappealing endeavor for hackers. With the invention of the internet of things and other new technologies, that has changed. The majority of commercial vehicles now share hardware and software sourced from a handful of suppliers. This makes them much easier targets.
"We see the need for open platforms," said Sanjay Ravi, Managing Director Automotive at Microsoft Cloud Services. "Open application programming interfaces make it possible to include several players, from startups to very large automotive companies."
Open source means more companies will be using the same base development tools. This has its drawbacks but also its perks. Since the software has been tested by countless engineers, many vulnerabilities have already been fixed.
End users share responsibility for cyber security
The final piece of the puzzle is the end user. Owners and operators must use passwords and other means of identification to prevent security leaks. In the end, the human factor still plays a big role in implementing cyber security.