Vehicle manufacturers are raising the amount of money they spend on cyber security after hackers, and a recent ransomware attack, revealed their vulnerability.
Software spend will increase from $37.95 billion (£30bn) in 2015 to $80bn (£63bn) in 2020, reaching $168.8bn (£133.3bn) by 2025, while investment in car cyber security is expected to grow by almost 25% over the same period, according to analysts at Frost and Sullivan.
Hackers have shown they can remotely access and control vehicle components such as braking and engine stop-start operations or tap into private customer data collected by the on-board system.
Just last month, Renault-Nissan’s manufacturing plants in Sandouville and Sunderland were hit by a ransomware attack which halted production.
It came after a series of hacks by researchers, who were able to remotely control a Tesla Model S from a distance of 12 miles and remotely locate, unlock and start a Hyundai car via a mobile app.
Niranjan Manohar, programme manager for connectivity and automotive internet of things (IoT) at Frost and Sullivan, said: “A variety of very public cyber attacks against automotive companies have occurred over the past few years, only scratching the surface of the magnitude of the risks.
“Connectivity is what consumers want, but security will need to be a key focus area across the vehicle lifecycle. The automotive industry demands a comprehensive security solution in the entire automotive value chain, covering hardware security, software security, network security and cloud security.”
A new white paper, ‘Cyber security for the Automotive Industry’ from Frost and Sullivan and digital security firm Irdeto, highlights how one of the key challenges faced by the
automotive market is the increasing extent of in-vehicle connectivity, which extends from
infotainment to mobile phones, voice recognition, navigation and communication with other in-vehicle infrastructure.
While this connectivity is essential to satisfy consumer demand, it also introduces a variety of vulnerabilities that hackers aim to exploit.
The automotive industry is working in tandem with a number of government-industry projects to analyse the problem and formulate protections such as hardware security modules (HSM) and securing vehicles from internal and external attacks.
In 2015, manufacturers formed the global information sharing community, the Information Sharing Advisory Centre (Auto-ISAC), to enhance security awareness and share vehicle cyber security information, threats, warnings and incidents among industry stakeholders.
Daniel Thunberg, global head of automotive at Irdeto, said: “Hackers and cyber criminals are employing new strategies to exploit vulnerabilities in today’s connected cars.
“Consumers crave connectivity features in their vehicles, but automakers must address the associated vulnerabilities to prevent hackers from altering their automobiles.
“With investments in digitisation and connectivity expected to increase in the coming years, OEMs and tier-one operators need to think of cyber security from the beginning, by implementing a comprehensive security approach that will keep drivers safe on