EU Introduces Stricter Cybersecurity Regulations for the Automotive Industry to Combat Growing Threats

SECURITYEU Introduces Stricter Cybersecurity Regulations for the Automotive Industry to Combat Growing Threats
  • The European Union responded to growing threats by introducing new cybersecurity regulations in automotive industry in July 2024. As per the new regulation, car manufacturers have to meet stricter safety requirements for their systems
  • Telematics platforms, automotive APIs, and even cloud infrastructure are susceptible to attacks. Cars gather not only manually entered data, such as addresses or payphone numbers, but also automatically collected data by manufacturers, making vehicles a potential target for cybercriminals.
  • Cars, which were once only a means of transport, are now technically advanced devices, amassing vast amounts of personal data. The value of this data is increasing at an alarming rate and, according to experts, could exceed $14 billion by 2032.

Our daily journeys, private phone conversations, and even our favorite routes and radio stations – all this can become a target for hackers. Cars, which were once merely a means of transport, are now technically advanced devices collecting loads of personal data. The value of this data is rising at an alarming pace, and experts predict it could surpass $14 billion by 2032.

Cars: A goldmine of personal information

Modern cars are no longer just engines and wheels but also sophisticated infotainment systems storing drivers’ and passengers’ data. As pointed out in a report by Check Point Software Technologies, hackers have been exploiting loopholes in the security of these systems for years, presenting a serious threat to user privacy.

– “Cars are becoming increasingly technologically advanced and connected to the outside world. Features that were once only available in luxury premium brands are now practically available in all basic city cars. These features include Bluetooth connectivity for pairing mobile phones, GPS navigation, Wi-Fi hotspots, collision avoidance systems, remote diagnostics, and many more. Thanks to these features, cars are quickly becoming databases on wheels” emphasizes Wojciech Głażewski, Director of Check Point Software Technologies in Poland.

New EU Regulations: Protecting drivers from cyber threats

The European Union responded to growing threats by introducing new regulations in automotive cybersecurity in July 2024. According to the new regulations (EU regulations recognizing UNECE Regulations R155 and R156), car manufacturers must meet stricter requirements for the safety of electronic systems and software update processes. This represents a huge challenge for the entire industry, aimed at reducing the risk of data leaks and enhancing driver privacy protection.

A representative from the European Security Group (ESG), Leszek Cieloch, emphasizes that data gathered by vehicles is a tempting target for hackers. Embedded IT systems collect data from various sources – from control units to lines of code controlling the vehicle’s operation. Vishak Raman, a security expert from Cisco, predicts that by 2024, over 300 million vehicles worldwide will be able to receive centralized updates, which could increase the risk of cyberattacks.

Case of Tesla: Hackers take control over the vehicle

In March 2023, hackers attacked Tesla’s systems, gaining access to features such as horn honking, trunk opening, and operating the infotainment system. While the effects of the attack were relatively harmless, this case shows how easily vehicle systems can be manipulated, and the potential dangers this brings.

Elon Musk, Tesla’s founder, stressed that the future of transportation is electric and autonomous, but it must also be secure. Cooperation between the automotive industry and tech companies, as well as investments in cybersecurity, are necessary to ensure safe operation of vehicles in the coming years.

Micki Boland, an expert from Check Point Software, highlights that telematics platforms, automotive APIs, and even cloud infrastructure are susceptible to attacks. The data collected by cars is not just manually input information like addresses or phone numbers, but also the automatically collected data from manufacturers, making the vehicles a potential target for cybercriminals.

Data Protection – A new priority in the automotive industry

The complexity of modern vehicles, which have more lines of code than modern passenger planes, makes them vulnerable to cyberattacks. Infotainment systems are particularly exposed to cyberthreats as they store most of the data from mobile devices connected to the vehicles. Effective cybersecurity management needs to encompass the entire life cycle of a vehicle, from design, through use, to selling the vehicle on the secondary market.

Experts are raising alarms – privacy protection in cars is a real nightmare, according to Mozilla’s ‘Privacy not Included’ (2023) report. The automotive industry is increasingly relying on data-based technologies and services. Experts warn that a car fundamentally collects too much personal data. 84% of manufacturers pass or sell user data to service providers, data brokers, and other companies. The study found that just over half of car manufacturers even stated they would “on request” pass data to governments or law enforcement agencies.

In Poland, according to SAMAR data, over 730,000 used cars were sold in 2023, most of which contained previous owners’ data, such as phone books, travel logs, or SMS messages. This highlights the importance of educating drivers about securing their data and deleting it before selling their vehicle.

The Future of Cars: Safe, But Private?

In the coming years, cars will become increasingly technologically advanced, with autonomous driving functions and advanced communication systems. However, this progress brings with it increased cyberattack risks. Car manufacturers, software suppliers, and regulators will need to work together to protect drivers from threats that can not only invade their privacy but also pose a risk to road safety.

Given the dynamic growth of the automotive market, data protection is becoming a priority. Security against hacker attacks and responsible management of the data gathered by vehicles will be key to ensuring that the future of transportation is not only innovative but also safe.

Source: https://managerplus.pl/nasze-samochody-nowe-pola-bitwy-dla-cyberprzestepcow-ue-wprowadza-surowsze-przepisy-64384

Check out our other content
Related Articles
The Latest Articles