Rental Cars Not Entirely Immune From Cybercrime
Consumers can take some steps to help avoid being hacked
Cybercrime is definitely on the rise in every industrial sector that involves computers, which is practically every industry on the planet. That being said, with vehicle connectivity still being a relatively new development in the car rental business, hacking into fleets is still relatively rare.
However, this past October, a webinar by X Force Red, IBM’s security team, shed some light on how ‘connected cars’ could be vulnerable to cybercriminal activity. Additionally, an article from Security Intelligence highlighted that connected cars, and eventually autonomous vehicles, will be vulnerable to cyber attacks. In fact, the software market for those vehicles is projected to nearly double from $238 billion to $469 billion in this decade.
So far, there haven’t been any major reports from the major players in the car rental industry, although a number of automakers have admitted that some features on connected cars are prone to hacking.
Security experts have also acknowledged that connected vehicles were vulnerable to being hacked and in turn stolen. For example, a Belgian security researcher recently discovered a method to overwrite and hijack the firmware of Tesla Model X key fobs. This means a thief can steal any car that isn’t running on the latest software update.
In response to this ongoing issue, General Motors hired a number of hackers to bug-proof their vehicles to ensure security measures are in place when they move ahead with manufacturing autonomous vehicles.
How can consumers protect themselves?
Rather than wait for what automakers and car rental companies to find solutions, there are plenty of measures that consumers can take to mitigate the likelihood that their vehicles will be hacked. Those measures have been strongly supported by Gloria Bergquist, a spokesperson at the Alliance of Automobile Manufacturers.
“Cybersecurity is everyone’s responsibility, and consumers — along with automakers and their suppliers — need to be vigilant,” she said. “Consumers should exercise good cyber hygiene in all they do, including properly pairing a phone to a car, deleting phone data from rental cars (if paired), and being active in doing the maintenance and updates as requested for phones and vehicles.”
One simple measure is to ensure that the models they own or rent are in the loop regarding software updates. That involves staying in contact with a dealership regarding software updates. If you’ve rented a vehicle for a particularly long time, notify the car rental firm that made your booking. In many cases you might get a response from the manufacturer via email, while other times a personal visit to the dealer might be preferable.
Users will have to double down on smartphone security, especially when it’s synched with the car. It’s no magic bullet, but having a really strong password, meaning using a combination of letters, numbers and special characters, will go a long way towards thwarting hackers who try to virtually invade your space via a WiFi.
Finally, when customers are about to return a car rental or sell or trade an owned vehicle, all personal information should deleted from the vehicle’s infotainment system. There’s no telling what that car’s future driver might do if that person comes across all that accumulated data. A factory reset will manually delete that info, a task that’s easily performed by following directions on the settings menu of the in-car system.
Granted, they’re all small steps to take, but cybercriminal awareness is also a consumer’s responsibility. If/when these steps are executed, they may take a chunk out of the upsurge in vehicle cyber activity that’s been on the rise since 2014.