Imagine driving along and your refrigerator sends a message to your connected car letting you know that you are out of milk. The car’s onboard GPS automatically directs you to the nearest grocery store. But cyber criminals, parked across the street from your house, have hacked your home WiFi network and now have access to your car’s computer. You receive a message on the car’s display telling you, “Looks like you’re on your way to get some milk. I will shut the engine off unless you pay a ransom — follow the prompts to pay now.”
|Want more ? Enjoy a free subscription to Motor Age magazine to get the latest news in service repair. Click here to start you subscription today.|
Sound too creepy to be true? As disturbing as this scenario is, it could actually happen. As more vehicles become digitally connected, securing networks and vehicle cybersecurity is not an issue for the future — it’s a problem now that affects independent repair shops. The telematics technology component of a typical shop’s daily workload will continue to increase, and they must be aware of, and adapt to, this constantly changing cyber environment by securing their networks to protect themselves and their customers from cyber hacking.
|General Motors produced the first connected cars in 1996 with OnStar for Cadillac DeVille, Seville and Eldorado models. Today connected vehicles are common and the sheer number of things they connect to is increasing at a rapid rate.|
Vehicle telematics affects many components. For example, a simple windshield repair that normally would take an hour is further complicated by the presence of a vehicle’s Advanced Driver Assistance System (ADAS). The ADAS windshield, equipped with sensors and a system camera, may take another hour to calibrate and could require access to the onboard computer or OEM’s computer network. In addition, pre- and post-repair scan procedures may be required to perform the repair. ADAS systems from Audi/VW, Fiat Chrysler, Ford, Nissan and others require a programming reset after replacement of windshields, wheel alignment adjustments and repair of other components. Knowing how to calibrate a vehicle’s ADAS isn’t just a safety concern, but a cyber safety concern. If a shop’s network isn’t secure, it could lead to a cybersecurity breach impacting customers.
In addition to the growing presence of ADAS, another major concern are the diagnostic reports generated from aftermarket OBD-II interface adapters. This market is becoming a rapidly growing player in the telematics industry and OBD-II connections between repair shops and customer’s vehicles are another avenue for cyber attacks to occur. In the near future, the issue of automotive cybersecurity will become paramount as connected, self-driving vehicles will offer consumers unprecedented new options related to personal transportation. Risks range from access to the vehicle owner, driver or passenger’s personal and financial information to loss of physical control of the vehicle.
Is Your Shop Changing Enough?
Is your shop technology changing enough to keep pace with vehicle and consumer changes? It’s time to put your SMS in the palm of your hand and connect to customers and their vehicles like never before.
Is your network secure?
In the future, independent repair facilities that plan to perform extensive diagnostic work or vehicle reprogramming will have to address network concerns and partner with OEM and third parties to provide cybersecurity. Shops will have to engage with cybersecurity experts and consultants to evaluate their networks, ensuring that they and their customers are protected. Cybersecurity could include customer-accessed WiFi in the waiting room, separate WiFi in the shop work area, servers, worldwide internet connections and data stored in the cloud. Some owners of small repair shops are of the mindset that cybersecurity only applies to large repair chains or OEM dealerships, but the possibility of a cyberattack affects everyone.
The Automotive Service Association is actively exploring how to “lock down” aftermarket service and repair facilities from potential cyberattacks that can originate from digital resources the shop connects to including: online diagnostic services, customer vehicles via connections to shop diagnostics tools, customers using WiFi in waiting rooms, employee smartphones and others. Repair shops cannot afford to be the weakest link in the chain that makes up automotive cybersecurity.