What seems perfectly thought out and reliable, often presents us with the most unexpected surprises. Such a sad discovery befell the creators of the car Jeep Cherokee model 2014 in July 2015, when the Internet stirred up the news about two professional hackers Chris Valasek and Charlie Miller who managed to gain remote access to the onboard computer of the seemingly “perfect” car and take the operation of its core systems under their control. During the experiment, “a victim of the hacker attack” was Andrew Greenberg, who was warned about what was happening, but, nevertheless, had an obvious discomfort and panic.
The most vulnerable turned to be the Uconnect system. This system controls a network of the interactive features of the on-board computer which are not provided with the system for data protection. Therefore, in the case of the hacker attack, the attacker potentially has an advantage over the driver in driving a vehicle that could and most likely would have resulted in tragic consequences for the driver. To avoid such consequences, Chrysler brand was forced to recall 1.4 million cars, which caused enormous financial damage to the enterprise.
This event disturbed the public because most drivers give their preference to modern cars with an interactive control system, which, as it turns out, can cause a great danger for them. Cars are equipped with hundreds of control units, which are vulnerable to errors or may be infected by malicious software hacking programs, which is why in the case of failure of the main control unit human lives are at stake.
Intel Company – “Benefactor” in the Struggle for the Safety of Motor Vehicles
Intel Company promptly responded to the shocking news by creating a supervisory Automotive Security Review Board. According to the latest reports, among the members of the Automotive Security Review Board will be the best experts in the field of data protection and cyber physics systems. Intel will provide them with innovative platforms for research in the field of cyber-security and advanced systems development for the better protection of vehicles from the new hacker attacks. The most successful developers will receive a valuable reward for their contributions: a car or its value in monetary terms.
Today particularly acute is a problem of passenger transport, the safety of which largely depends on the usage of reliable two-factor authentication systems for drivers with a help of factor of ownership (key) and the factor of knowledge. As a secret “factor”, could be used a one-time password generated by a hardware token or a special mobile application created for a specific car manufacturer. For better protection when entering the application it would be better to enter the username and password. In this case, it is impossible to gain access to the systems of the car only with the help of a key, as the main condition for authorization of the driver is a one-time password that is requested by an onboard computer.
Two-step authentication launching would be the optimal solution of the security problem of cars because according to the experts’ estimations until 2020 the number of cars with advanced network capabilities will grow to 150 million, the compromise of which we cannot allow.