John Chuhan, chief risk officer at Alphabet, examines why the data generated and stored in your vehicle is just as vulnerable as information stored on a mobile phone or laptop
When considering the technological infrastructure of a brand new car, it is no surprise that vehicles coming off the production line now are designed to store large quantities of data to satisfy the web-enabled economy and fast-paced, ‘connected consumer’ lifestyle.
From in-built navigation, Bluetooth and info-tainment systems, now more than ever our vehicles are growing in their intelligence and connectivity. But they are also becoming a moving target for cybercriminals.
In a 2015 survey of motorists from across Europe, 76% of drivers highlighted they were interested in more connectivity, with a quarter of the respondents planning on buying a connected car as their next vehicle.
In fact, one in five vehicles is predicted to have a wireless network connection by 2020.
That means that a significant amount of data about the vehicle and the driver – such as popular travel routes, home or favourite addresses, driving behaviour as well as recent phone calls made – that is at risk of falling into the wrong hands.
Awareness of cybersecurity is paramount as connected vehicles communicating automatically with each other and other networks become the norm.
It has been in the news recently that some models of car have experienced hacking warnings due to security bugs with on-board Wi-Fi connections.
Connected cars are already vulnerable to anyone with the right software and access to the diagnostics port in the car where sensitive information is stored.
But more-connected vehicles offer drivers and fleets huge advantages; some can even now ‘call home’ to their manufacturer with details of a developing fault or to enable a leasing company to contact the driver to book a service.
We need to start treating our cars as we do our laptops and smartphones when it comes to security. You would not replace either without clearing off any personal information first, an attitude that we need to replicate with our vehicles.
Protecting your in-car data privacy is a simple matter of knowing how to clear personal data from a vehicle, especially when returning it to a leasing company or handing it over to a new owner.
Deleting call logs, phone books and addresses is a good place to start, as wireless connections store a lot of information generated by ‘paired phones’.
Clearing destinations and trip logs from an inbuilt sat-nav is key, as is removing sensitive stored locations such as a home or business address.
Uncoupling from the cloud will also shut down any links to social media networks and search engines previously accessed through the vehicles’ Wi-Fi system. This includes applications such as Spotify or internet radio that can be uploaded and stored to the entertainment system.
The key is to safeguard on-board personal data as much as possible against malicious intent; a key concern for manufacturers which are seeking ways to increase vehicle connectivity while ensuring the systems are robust enough to reduce hackability.
With demand for connected cars growing among consumers, more drivers want seamless connectivity behind the wheel for ease-of-use and greater time efficiency. With in-car data existing in many forms now (through voice, mobile or GPS) it is important that we treat our cars the same way we do other digital devices when it comes to security.
Investing a small amount of time ‘spring cleaning’ your in-car data and connected systems will not only reduce the amount of sensitive data stored in your vehicle but, ultimately, reduce the risk to you should the worst happen. <