According to Eugene Kaspersky — the founder of Kaspersky Lab and an internationally recognized expert on cybersecurity — cars connected to the Web will represent a desirable target for hackers in the coming decade.
Kaspersky noted that cars of today are “more safe but less secure” due to the variety of Web-connected gadgets that have become part of the standard operating equipment in modern vehicles.
“For a long period of time, the cars will be vulnerable,” he said in an interview with Financial Times, noting that the incentive now is to find vulnerabilities that will allow access to the car’s main computer.
“The definition of good security is that the attack must cost more than the possible damage. We can reach this level, but I am afraid that may be for a decade, maybe less.”
By most estimates, there will be 250 million cars directly wired to the Web by the end of the decade. As of today, the modern automobile has as many as 60 computers on board, processing a variety of functions from temperature, to brake control, to music systems. Those separate silos communicate with each other across a platform called the Controller Area Network, or CAN Bus. That central connectivity means once a hacker has access to one system on board, odds are they have access to every system.
“Unfortunately, the bad guys are getting smarter,” Kaspersky noted, also stating that international cooperation would be necessary to stem the coming tide of attacks.
“Companies outsource the software … and software engineering doesn’t have borders,” he added.
“The governments, the carmakers, they understand the problem, finally,” he said. “They are close to designing the solution, and then, they have to implement it. And that will take years. I’m sorry.”