Driving Down Hacks

The growing incidence of car hacking has insurers on high alert.

Armed with just $15 in electronics gear that he purchased from RadioShack, a 14-year-old boy successfully hacked into a connected car, unlocking and remote-starting the internet-connected vehicle.

While the simulated incident was part of an annual hackathon organized by nonprofit research group Battelle, the threat of automotive cyberattacks is very real. And that’s sending up a red flag to insurers who underwrite gig economy programs, such as car-sharing, ride-sharing and other mobility-as-a-service offerings. “These insurance providers must underwrite the financial risks of cyberextortion, data security threats and breach of privacy litigation,” said David Uze, CEO of mobility platform and security provider Trillium Secure.

Sophisticated and novice hackers are unleashing new levels of creativity by exploiting external connectivity, access points such as Wi-Fi and Bluetooth and other attack vectors to take control of connected vehicles. Not only are they able to unlock doors, but bad actors can also gain full remote control and initiate life-threatening actions such as disabling brakes and steering, turning the engine on and off and spoofing GPS systems, Uze said.

Trillium offers software to protect in-car computer systems, which are susceptible to hacking attacks. Drivers, fleet owners and auto manufacturers are looking for ways to keep intruders at bay, and Trillium’s software, which is placed on a vehicle’s computing hardware before the vehicle rolls off the assembly line, encrypts in-car data transmissions and detects unusual activity that could signal a potential cyberattack.

Insurers also are interested in software that shields high-tech vehicles from those attacks. Having an extra layer of intrusion detection and firewall protection can offer insurers a standard safety feature for vehicles they underwrite and insure.

Cyberattacks are set to grow with the proliferation of connected and autonomous cars on the roads. By 2020, more than 5.5 million semi- and fully autonomous cars will roll off the assembly line and 98% of them will be connected through cellular networks, according to industry reports.

Trillium, a member of startup accelerator Plug and Play Tech Center’s cohort of insurtechs, is working to ensure that data generated and consumed by connected and autonomous vehicles are “well-protected to ensure immutable accuracy and certifiable trust in the data’s integrity,” Uze said.

Uze and his team frequently crisscross the United States on an education and consumer outreach tour called “Hack Across America.” The tour educates drivers about hidden cybersecurity risks and vulnerabilities associated with connected and autonomous vehicles.

“The problem is lack of data security for electronic devices inside vehicles. Today machines talk to machines without human interaction, and they’re making decisions that impact human life. Autonomous driving is a perfect example of that. We need to ensure vehicles are secure inside and out and that data is private, confidential and absolutely trusted,” said Uze, who plans to embark on another tour this spring.

“Data is no longer a stream of information. It’s the new currency of the transportation economy. Trillium anonymizes data from connected and autonomous vehicles and shares it with fleet owners, carmakers and insurers who can use the data to offer preventative maintenance programs, safe-driver discounts and other value-added services to car owners and fleet managers,” Uze said.

There has been a 19% rise in car crime and a 29% increase in disruptions to vehicle networks since 2014, according to the Office of National Statistics.

Article By: Lori Chordas

Source: Best’s Review