Transitional Technologies: Honda getting hacked shows urgency of facing cyber security

Historic breakthroughs in clean, automated, shared, and safe mobility are expected to arrive relatively soon. Flying cars, autonomous rides taking us anywhere, unlimited wireless charging, renewables becoming cheap and abundant, and regular flights to the moon and Mars — we’re seeing what used to look like sci-fi lately achieving tangible, real-world achievements and gaining support.

Then there’s the horrific scenario of hackers taking over cars, raising red flags for those concerned about transitioning over to fully autonomous vehicles. For now, hackers are more likely to take over internal computer networks and temporarily shut down operations — as Honda just experienced. Another concern: hackers figuring out how to manipulate the electric vehicle charging infrastructure and its connection to the power grid.

Analysts have been expecting 2030 to be the turning point for historic transformation, though it’s likely to take a few more years to reach mass-market scale. The COVID-19 pandemic threw a wrench in the works, and will probably extend that period of real change. There’s also gaining broad support for the new technologies in the regulatory structure, insurance and risk management, capital sources, and end users willing to purchase the vehicles.

Safety and protecting data must be resolved first — which usually fall under the category of Cyber Security. In future Green Auto Market commentaries, other concerns will be explored shaping transitional technologies: recovering from the impact of COVID-19, connectivity, automation, renewables, and next-gen batteries.

What happened to Honda?
Why did the Honda Automobile Customer Service’s Twitter page announce that both customer service and financial services networks were “experiencing technical difficulties and are unavailable” on June 8? Honda’s factories in countries around the world were temporarily stopped after the company sustained a ransomware attack beginning on Sunday, according to the BBC. The ransomware is known as SNAKE.

Honda has said very little about the incident. A spokesman told Popular Mechanics that “there is no current evidence of loss of personally identifiable information. We have resumed production in most plants and are currently working toward the return to production of our auto and engine plants in Ohio.”

The company did confirm later to BBC that “a cyber-attack has taken place on the Honda network.” In another interview with The Verge, Honda wanted to reassure readers that there’s been no evidence that “personally identifiable information” has been leaked to the public.

Hackers could use EVs to break down the grid
Researchers are concerned that the integration of electric vehicle supply equipment (EVSE) taking shape in powerful chargers, along with the electricity grid, could be ripe for hackers. “You do reach a tipping point where you’ve got so much load on the grid provided by these chargers, that if you could control it and manipulate them in aggregate, you would start to see power system problems,” said Jay Johnson, principal manager of technical staff at Sandia National Laboratories.

Hackers could take over enough chargers to theoretically cause a grid blackout. With EVs taking off in sales and charging networks in the US and other countries, a few cybersecurity researchers and industry groups are looking into weak points in the charging infrastructure that could exploited to wreak havoc.

The Sandia National Laboratories team is exploring ways to prevent such a grid attack. “EV charging is right there at the intersection of two U.S. critical infrastructures, the transportation sector and the energy sector. But we need to understand that it also intersects with a lot of other critical infrastructure in the United States,” Johnson said.

Why the general public is alarmed by hackers
Privacy and protection of personal and financial information is a major concern for many Americans. Having all of that data stolen, and possibly used in a scam or another costly criminal undertaking, has raised hackles and commitments from automakers, banks, credit card companies, and others, to protect private information. Surveys continue to show that consumers are angry and annoyed that all of their personal information can be exposed to anyone wanting to research it; and that their back accounts and identities could be wiped out by hackers and other criminals.

An IT manager I know has warned me and others about the huge implications and threats of hackers taking over corporate networks, personal devices and laptops, digital streaming services, and social media. The notorious incidents affecting major companies and millions of people have been spreading over to the average person more recently; or at least they’re being sent spambots, viruses, and malware. I’ve asked my IT friend, and read interviews with experts on the subject, on why hackers are doing it. Some hackers have political causes they believe in, and there could be millions of dollars stolen. But the main motivation seems to be that they love disrupting institutions — hacking the system and getting it to stop, at least temporarily.

I had this warning illustrated last week while using a popular grocery shopping mobile app. During the shopping trip, I thought that the shopper doing my batch over at Costco had completely lost it — by sending me jarring and pornographic images and messages. It turned out that the shopper assumed I was the perpetrator, and minutes later responded to my texts stating that assumption. It turns out that a third party had hacked their way into my personal account and took it over for that shopping trip. What did they get out of it? No money was stolen, and no one’s identities seem to be hurt. The hacker seemed to get a rush out of disrupting our lives for several minutes.

Not long before that debacle, Green Auto Market’s distribution list was taken over by a hacker. I was contacted by email marketing service Mailchimp that something fishy was going on with my email distribution list for the newsletter. I soon found out that a spambot had been let loose that created about 450 fake subscribers to the newsletter over about three weeks. I figured it out with all the new subscribers who had jumbled names and emails that didn’t seem real. After talking to someone with experience in computer networks about it, I realized that the hacker wasn’t doing what I thought might be going on — such as sending my readers a bunch of spam, or selling them phony get-rich-quick schemes. Nope, he or she was just hacking.

Where it all started in a big way
The current wave of hacking — which can include identity theft, electronic banking fraud, breaching of high-security computers, wiping out computers with a virus or malware, and crashing a network — started hitting major targets about 2012. State-held oil giant Saudi Aramco was hit by the Shamoon virus in 2012, which wiped out computer disks held by targeted government agencies and private companies. It was brought back in 2017 as Shamoon 2, thought to be sent by a group named “Cutting Sword of Justice” which claimed responsibility.

Companies hit hard by hackers in recent years have included Adobe, eBay, Equifax, Sony, LinkedIn, Marriott International, and Yahoo. Another big one happened last year when a software engineer in Seattle hacked into a server holding customer information for Capital One and obtained the personal data of over 100 million people.

If US consumers are going to buy into autonomous vehicles and flying cars in any significant way, the issue of vehicle safety and freedom from takeovers will have to be resolved. This applies to services such as Amazon Prime Air delivering packages in 30 minutes or less using small drones.

The US military has been testing out unmanned combat aerial vehicles for several years, along with unmanned ground vehicles. These vehicles and their collected data have been tapped into by autonomous vehicle research centers at universities like Carnegie Mellon, vehicle manufacturers, and AV technology supplier partners.

Leave a Reply

Your email address will not be published. Required fields are marked *

HTML tags are not allowed.

783,711 Spambots Blocked by Simple Comments