• Connected cars are vulnerable to the same threats facing any Internet user or device
• Deutsche Telekom proposes its Car SOC to the industry, but as of today no one is responsible for protecting drivers from cyber attacks
Connected cars, like anything else using the Internet, are exposed to a range of vulnerabilities most drivers dare not even contemplate. Even without being connected, the digital technology in place is at risk from attackers, whether through the cloning of remote control key entry and engine starting, or from malware introduced to internal systems via infected diagnostic tools at the local garage.
There is no one currently holding up their hand to take responsibility for protecting your car, even if it is already connected and using information, entertainment, or driver assistance services delivered via the car manufacturer, your mobile provider, or their partners. But at its Cyber Security Tech Summit Europe in Bonn this week, Deutsche Telekom is shining a light on the issue and sharing its early work on cybersecurity protection for the car industry. It’s especially urgent in Germany, where 30 percent of all vehicles are rolling hotspots.
With so much digital technology on board, the connected car will need constant protection from cyber criminals accessing its systems via the Internet. Deutsche Telekom is building a defence center for the car industry to provide “digital bodyguards” for drivers based on the growing realization in the industry that connected driving will not be possible without real-time cyber defense.
Based in its state-of-the art security operations center (SOC) in Bonn, where experts protect the telco’s own extensive IT infrastructure and that of several DAX 30 companies (as well as many SMEs), 240 specialists fend off attacks 24×7. They analyze hackers’ methods and capabilities, investigate their tactics, and perform forensics on criminal activities, reconstructing attacks and securing evidence. Data is also collected by 2,500 honeypots installed worldwide, designed to attract and expose hackers. With all the information gained, Deutsche Telekom improves its own capabilities for delivering an aggressive cyber defense.
A cyber defense center for cars integrated into existing SOCs would provide a number of advantages, the company says. Its subsidiary, T-Systems, is already supporting the automotive industry in the development of connected and autonomously driving cars. In a so-called “Car SOC”, the telco would combine its expertise in security threat intelligence and incident response with knowledge of the automotive sector, helping the industry gain valuable insights in the fight against car hackers.
Despite Deutsche Telekom’s proactive approach, the question of who takes responsibility for protecting drivers against hackers is still unanswered. One recent survey cited by the company found that almost two-thirds of automotive industry executives in the US and Asia said they were considering the issue of security. Wait, only two-thirds are “considering” the issue? Europe hasn’t travelled much farther down this road: the membership of the ACEA (European Automobile Manufacturers’ Association) “plan” to discuss cyber security with authorities and industry in the future. It sounds like there is some work to do on grasping the urgency of connected car security within the sector itself before Deutsche Telekom’s vision of real-time protection from Car SOCs is adopted.