Transitional Technologies: Honda getting hacked shows urgency of facing cyber security

Historic breakthroughs in clean, automated, shared, and safe mobility are expected to arrive relatively soon. Flying cars, autonomous rides taking us anywhere, unlimited wireless charging, renewables becoming cheap and abundant, and regular flights to the moon and Mars — we’re seeing what used to look like sci-fi lately achieving tangible, real-world achievements and gaining support.

Then there’s the horrific scenario of hackers taking over cars, raising red flags for those concerned about transitioning over to fully autonomous vehicles. For now, hackers are more likely to take over internal computer networks and temporarily shut down operations — as Honda just experienced. Another concern: hackers figuring out how to manipulate the electric vehicle charging infrastructure and its connection to the power grid.

Analysts have been expecting 2030 to be the turning point for historic transformation, though it’s likely to take a few more years to reach mass-market scale. The COVID-19 pandemic threw a wrench in the works, and will probably extend that period of real change. There’s also gaining broad support for the new technologies in the regulatory structure, insurance and risk management, capital sources, and end users willing to purchase the vehicles.

Safety and protecting data must be resolved first — which usually fall under the category of Cyber Security. In future Green Auto Market commentaries, other concerns will be explored shaping transitional technologies: recovering from the impact of COVID-19, connectivity, automation, renewables, and next-gen batteries.

What happened to Honda?
Why did the Honda Automobile Customer Service’s Twitter page announce that both customer service and financial services networks were “experiencing technical difficulties and are unavailable” on June 8? Honda’s factories in countries around the world were temporarily stopped after the company sustained a ransomware attack beginning on Sunday, according to the BBC. The ransomware is known as SNAKE.

Honda has said very little about the incident. A spokesman told Popular Mechanics that “there is no current evidence of loss of personally identifiable information. We have resumed production in most plants and are currently working toward the return to production of our auto and engine plants in Ohio.”

The company did confirm later to BBC that “a cyber-attack has taken place on the Honda network.” In another interview with The Verge, Honda wanted to reassure readers that there’s been no evidence that “personally identifiable information” has been leaked to the public.

Hackers could use EVs to break down the grid
Researchers are concerned that the integration of electric vehicle supply equipment (EVSE) taking shape in powerful chargers, along with the electricity grid, could be ripe for hackers. “You do reach a tipping point where you’ve got so much load on the grid provided by these chargers, that if you could control it and manipulate them in aggregate, you would start to see power system problems,” said Jay Johnson, principal manager of technical staff at Sandia National Laboratories.

Hackers could take over enough chargers to theoretically cause a grid blackout. With EVs taking off in sales and charging networks in the US and other countries, a few cybersecurity researchers and industry groups are looking into weak points in the charging infrastructure that could exploited to wreak havoc.

The Sandia National Laboratories team is exploring ways to prevent such a grid attack. “EV charging is right there at the intersection of two U.S. critical infrastructures, the transportation sector and the energy sector. But we need to understand that it also intersects with a lot of other critical infrastructure in the United States,” Johnson said.

Why the general public is alarmed by hackers
Privacy and protection of personal and financial information is a major concern for many Americans. Having all of that data stolen, and possibly used in a scam or another costly criminal undertaking, has raised hackles and commitments from automakers, banks, credit card companies, and others, to protect private information. Surveys continue to show that consumers are angry and annoyed that all of their personal information can be exposed to anyone wanting to research it; and that their back accounts and identities could be wiped out by hackers and other criminals.

An IT manager I know has warned me and others about the huge implications and threats of hackers taking over corporate networks, personal devices and laptops, digital streaming services, and social media. The notorious incidents affecting major companies and millions of people have been spreading over to the average person more recently; or at least they’re being sent spambots, viruses, and malware. I’ve asked my IT friend, and read interviews with experts on the subject, on why hackers are doing it. Some hackers have political causes they believe in, and there could be millions of dollars stolen. But the main motivation seems to be that they love disrupting institutions — hacking the system and getting it to stop, at least temporarily.

I had this warning illustrated last week while using a popular grocery shopping mobile app. During the shopping trip, I thought that the shopper doing my batch over at Costco had completely lost it — by sending me jarring and pornographic images and messages. It turned out that the shopper assumed I was the perpetrator, and minutes later responded to my texts stating that assumption. It turns out that a third party had hacked their way into my personal account and took it over for that shopping trip. What did they get out of it? No money was stolen, and no one’s identities seem to be hurt. The hacker seemed to get a rush out of disrupting our lives for several minutes.

Not long before that debacle, Green Auto Market’s distribution list was taken over by a hacker. I was contacted by email marketing service Mailchimp that something fishy was going on with my email distribution list for the newsletter. I soon found out that a spambot had been let loose that created about 450 fake subscribers to the newsletter over about three weeks. I figured it out with all the new subscribers who had jumbled names and emails that didn’t seem real. After talking to someone with experience in computer networks about it, I realized that the hacker wasn’t doing what I thought might be going on — such as sending my readers a bunch of spam, or selling them phony get-rich-quick schemes. Nope, he or she was just hacking.

Where it all started in a big way
The current wave of hacking — which can include identity theft, electronic banking fraud, breaching of high-security computers, wiping out computers with a virus or malware, and crashing a network — started hitting major targets about 2012. State-held oil giant Saudi Aramco was hit by the Shamoon virus in 2012, which wiped out computer disks held by targeted government agencies and private companies. It was brought back in 2017 as Shamoon 2, thought to be sent by a group named “Cutting Sword of Justice” which claimed responsibility.

Companies hit hard by hackers in recent years have included Adobe, eBay, Equifax, Sony, LinkedIn, Marriott International, and Yahoo. Another big one happened last year when a software engineer in Seattle hacked into a server holding customer information for Capital One and obtained the personal data of over 100 million people.

If US consumers are going to buy into autonomous vehicles and flying cars in any significant way, the issue of vehicle safety and freedom from takeovers will have to be resolved. This applies to services such as Amazon Prime Air delivering packages in 30 minutes or less using small drones.

The US military has been testing out unmanned combat aerial vehicles for several years, along with unmanned ground vehicles. These vehicles and their collected data have been tapped into by autonomous vehicle research centers at universities like Carnegie Mellon, vehicle manufacturers, and AV technology supplier partners.

This Week’s Top 10: Hackers could throw monkey wrench into autonomous vehicles, New developments in Washington

by Jon LeSage, editor and publisher, Green Auto Market 

Here’s my take on the 10 most significant and interesting occurrences during the past week…….

  1. FCA dealing with hackersFCA cyber security vehicle recall: When it comes to following autonomous vehicles/self-driving cars, concerns are typically raised about liability issues after accidents, personal privacy, and acceptance of the technologies by car owners. There is an even bigger issue that will have to be addressed by automakers, technology suppliers (especially Google), DMVs, and NHTSA: cyber security. FCA (Fiat Chrysler Automobiles) is going through a major recall now of 1.4 million vehicles that was spurred by the National Highway Traffic Safety Administration’s concerns over a Uconnect radio system made by Harman International Industries – and which has also been placed in other vehicles by other automakers. Hackers are likely to find the challenge too big and exciting to set aside; that was the case with a Jeep Cherokee that ended up running into a ditch because of game playing by hackers. That was a safe and legal event recently organized by Wired.com to see if hackers could break through the security wall. Last week, a researcher warned of another potential security breach: hackers could exploit a security flaw in a mobile app for General Motors’ OnStar vehicle communications system. A new survey by Kelley Blue Book indicates consumers are very concerned about how vulnerable they are in today’s connected cars. Automakers are investing a lot of capital and resources into connected vehicles, which they believe is the transition channel over to semi-autonomous and fully automated vehicles in the next 10 years. BMW, Audi, and Mercedes have made a $2.8 billion bid to buy Nokia’s next-gen mapping business; and Apple may work with BMW to bring a customized, autonomous version of the electric BMW i3 to market. My suggestion to the industry would be to send your staff to hackathon competitions in Silicon Valley and offer high-paying jobs to the winners.
  2. New developments in Washington: Two legislative items moved ahead Thursday in the U.S. Senate. The Vehicle Innovation Act reauthorizes the Department of Energy’s Vehicle Technologies Program (authorizing $313.6 million in funding for the next budget year, and a 4% increase annually through 2020), which promotes partnerships to conduct research and development to improve fuel efficiency in vehicles. The Act promotes investments in research and development of cleaner vehicle and advanced safety technologies that will create more fuel-efficient vehicles. It was included in the Energy Policy Modernization Act of 2015 approved by the Senate Energy and Natural Resources Committee. On the House of Representative side, President Obama has signed into law H.R.3236, whose many highway funding provisions include a measure meant to ensure that liquefied natural gas (LNG) and propane autogas are taxed fairly relative to diesel and gasoline. Natural gas vehicle industry association NGVAmerica says the passage of H.R.3236 will permanently solidify the law’s alternative fuel measure; the association says that it will modify the federal highway excise taxes on LNG and autogas to be based on the fuels’ energy content, rather than on their volume.
  3. Uber enters auto finance: Ridesharing giant Uber has expanded its leasing program for drivers to have cars to transport passengers. It’s called Xchange Leasing and offers drivers more affordable leasing payments. It’s been impressive enough to bring in Cox Automotive and Westlake Financial Services and other companies into pilot programs. In other news, the Global Business Travel Association released results on a survey of business travelers and travel buyers, who say that one in four (24%) of travel buyers say their company does not allow their business travelers to use ride-sharing companies. Right now, 11% of business travelers are using ridesharing companies like Uber versus 36% using rental cars, 24% taking taxis, and 13% using chauffeured transportation. And in other Uber news, Uber just closed $1 billion in another round of funding from investors that include Microsoft; the company is valued at nearly $51 billion and is expected to go public.
  4. Major companies commit to reducing carbon: Thirteen large corporations (Alcoa, Apple, Bank of America, Berkshire Hathaway Energy, Cargill, Coca-Cola, General Motors, Goldman Sachs, Google, Microsoft, PepsiCo, UPS, and Walmart) have signed the White House’s American Business Act on Climate Pledge. These companies have committed to using “greener” fleets to help meet carbon footprint goals. In related news, UPS said it will buy 46 million gallons of renewable diesel over three years, 15 times greater than prior contracts, as the company seeks to further reduce carbon emissions. The fuels will be supplied to UPS by Finland-based Neste, Iowa-based Renewable Energy Group and San Francisco-based Solazym.
  5. PlugShare Guide launched: Recargo Inc. has introduced its PlugShare Guide, a new plug-in vehicle consulting service for the electric vehicle (EV) industry. PlugShare Guide will develop strategies, policies and plans for assessing, promoting, installing and managing EV infrastructure as well as strategies to accelerate EV adoption using the company’s rich market intelligence, proprietary research and analytical tools. PlugShare Guide’s initial project is with Pacific Gas & Electric to analyze and recommend a layout of fast charging infrastructure across the utility’s service area, in partnership with Energy + Environmental Economics (E3) and U.C. Davis.
  6. Work truck study: National Truck Equipment Association (NTEA) and its Green Truck Association (GTA) affiliate division, recently released the 2015 Work Truck Electrification and Idle Management Study, showcasing directional industry trends on commercial vehicle efficiency, system electrification, and idle reduction. The report offers practical insights into the fleet manager’s perspective on new truck electrification technologies and idle management, NTEA said.
  7. Cuba opens door to new vehicles: A lot of change is taking place in Cuba, including placing an order for 719 new cars for tourist rentals from China-based BYD. In other news from Latin America, BYD also reported the sale of ten 12-meter K9 battery-electric buses by BYD do Brasil for Campinas, in the state of São Paulo. Campinas will be the first city in Brazil with a fleet of fully battery electric, zero emission buses.
  8. New Plug In America exec: Joel Levin, former vice president of business development at the Climate Action Reserve, has been named executive director of Plug In America. An expert on U.S. and global carbon markets and California climate policy, Levin oversaw development of the Climate Action Reserve, the state-chartered nonprofit that runs North America’s largest carbon offset registry. “This year, Plug In America marks the tenth anniversary of our efforts to electrify transportation, and we look forward to expanding our efforts with Joel at the helm,” said Plug In America board president Michael Thwaite.
  9. CalCharge adds partners: CalCharge has added six new partners, including major players Toyota and German mega-supplier Bosch. Overall, 18 automakers, parts suppliers, and energy companies have joined the initiative – which has also teamed up with a number of national research labs. CalCharge pairs companies with three Bay Area national labs: Lawrence Berkeley National Laboratory, SLAC National Accelerator Laboratory, and Lawrence Livermore National Laboratory. The main goal of CalCharge is to find ways to boost power, drop costs, and extend battery life.
  10. Qualcomm makes deal for wireless charging: Qualcomm has a new deal with Swiss electric car parts maker Brusa, allowing the firm to develop, manufacture, and supply its Halo charging plates to other companies. Qualcomm has fitted its Halo system of wireless, inductive chargers to Formula E course cars and other test vehicles. Wireless charging may be a long way’s out, but Qualcomm imagines a future in which these plates are as ubiquitous as Wi-Fi hotspots; that may include highway charging lanes, where electric can top up their batteries as they drive.