The automotive industry is currently experiencing and embracing a digital revolution, enhancing vehicle capabilities, and increasing customer satisfaction. However, these benefits also come with some increased risk of cyberattacks. Estimates suggest that the industry stands to lose $505 bn by 2024 due to cyberattacks.
Automotive technology company GuardKnox has issued a warning to automakers, encouraging them to prioritise safety by scrutinizing the apps integrated into their vehicles. The company itself provides technology which enables vehicles to actively monitor and take action against potentially harmful applications, pre-emptively shutting them down if they attempt to access unauthorized areas of the vehicle.
We spoke to Moshe Shlisel, CEO of GuardKnox, to learn more about the threat cyberattacks pose to the industry, and to discuss the available solutions.
Just Auto (JA): Could you provide me with some background on the company?
Moshe Shlisel (MS): GuardKnox is an AutoTech company developing products that address the key challenges in the next-generation of E/E architecture, enabling software-defined vehicles.
Protection for the modern car requires a different kind of thinking given their increased connectivity – GuardKnox was founded by Israeli Air Force veterans with experience in systems geared towards aviation and missile defense; this is the experience needed to truly develop advanced vehicles.
How vulnerable are today’s vehicles from cyberattacks and why?
Drivers are increasingly using more and more connectivity features available in their vehicles. However, this means that an increased number of sensors are required to enable this connectivity, thus making today’s vehicles considerably more vulnerable to cyberattacks. Many modern vehicles have integrated systems that provide advanced functionalities such as infotainment, navigation, remote access, autonomous driving, and V2X communication (vehicle to everything). These technologies expose multiple points of potential attack for hackers, from the car’s network to the cloud-based services it connects with.
Another looming threat is the dangers posed to EV charging networks. The EV charging ecosystem comprises various components such as charging activities, payment processing, digital wallets for in-vehicle payments, and apps for locating charging stations and managing billing/accounts. Each of these components interacts through interfaces, creating potential cybersecurity vulnerabilities. The consequences of successful cyberattacks can be devastating, leading to power fluctuations, stranded drivers due to a disabled EV charging infrastructure, malware-ridden vehicles, and even to a cyber-attack on the power plant itself .
Why are vehicles being targeted?
Vehicles are targeted for a variety of reasons. Financial gain is a significant motivator; for example, attackers may hijack a logistics transportation fleet and utilize ransomware to realize a financial gain. Additionally, vehicles can be used in larger, coordinated cyberattacks; for instance, by disrupting traffic flow in a smart city.
Also, vehicles could be targeted purely out of chaos. Malicious actors could hack vehicles in order to inflict serious damage on the roads and create major problems for governments and citizens alike.
How does the company’s technology prevent the risk of cyberattacks?
The GuardKnox suite of secure-by-design products is specially engineered to provide automotive companies with a powerful defense against a wide array of threats- this is done by integrating security features into the vehicle’s software. The GuardKnox Communication Lockdown™ approach not only makes it incredibly difficult for attackers to penetrate vehicle systems but also aids in detecting, isolating, and neutralizing any threats that do manage to get through.
Currently the company is working with leading European automotive brands to ensure compliance with all necessary regulations, and in particular, UNECE R155, which mandates essential security protections for vehicles.
GuardKnox plays an essential role as a bridge for the automotive industry, helping companies navigate complex regulatory and technical challenges. Through its products and technology, GuardKnox enables companies to comply with regulations while simultaneously gaining a competitive advantage in developing Software Defined Vehicles.
What more can automakers do to prevent the risk of attacks?
Automakers must begin to embrace technologies that ensure secure in-vehicle communication. A secure-by-design core significantly mitigates cyber risks by integrating security measures into the foundational layers of a system, ensuring inherent protection against threats and reducing the likelihood of vulnerabilities being exploited.
What do you see the future holding for this issue?
With the rise of autonomous and connected vehicles, the issue of automotive cybersecurity will continue to be of paramount importance. As its name suggests, an entire software-defined vehicle’s operations hinge on the software itself, making it the integral core that powers every facet of the automotive experience. However, advancements in software come with more potential vulnerabilities. It is a double-edged sword: drivers want vehicles that include next-gen automotive applications but the vehicles are opening themselves up to a higher likelihood of cyber breaches.
In response, legislation and industry standards related to automotive cybersecurity are likely to become more prevalent, helping to drive best practices and make vehicles safer. A perfect example of this is UNECE R 155 which is setting cyber regulations in Europe and other member countries for automobiles coming to market by July 2024.
UNECE R155 stands as a milestone achievement in the automotive industry, setting a precedent for safety, standardization, and sustainable innovation in vehicles. The global automotive landscape calls for a unified approach to regulation, and by enacting similar regulations, other regulatory bodies and governments can ensure that the future of transportation is safe and responsible for all drivers. Embracing such regulations is not only a prudent decision but also a crucial step towards shaping a better and more connected world for generations to come.