For example, last year the PC industry was hit with a rash of ransomeware attacks. The two most prominent attacks were Crowti (also known as Cryptowall), and FakeBsod; they were detected on more than 850,000 PCs running Microsoft security software between June and November 2015. Ransomware can prevent users from accessing OSes, encrypt files so users cannot access them and stop certain apps from running, such as a web browser. The hackers demanded money in exchange for giving control and data back to users.
The only other reason a hacker would wirelessly attack a vehicle, Juliussen said, is to prove his or her skill. Juliussen said the FBI/NHTSA notice is a great idea for educating consumers about the potential hazards associated with increasingly electronic vehicles, but the bulletin is more likely to have a bigger impact on the automakers — a virtual warning shot across the bow of the industry.
In 2013, the NHTSA warned cybersecurity should be essential to the public acceptance of new vehicle systems.
"With the FBI coming in on it, it's another stake in the ground," Juliussen said. "In some ways it raises the stakes for the auto industry — for people who might sue, lawyers can say the industry was warned in 2016."
Over-the-air software updates to the rescue
One potential way to address vehicle cybersecurity is through over-the-air software updates, the same technique your your smartphone or computer can protect themselves frome the newest threats.
Carmakers are increasing the ability to perform over-the-air (OTA) software updates through infotainment or telematics systems in current and next-generation vehicles. Virtually every request for proposal for infotainment system software that has come out over the past six months has contained a cybersecurity aspect, Juliussen added.
By 2022, there will be 203 million vehicles on the road that can receive software over-the-air (SOTA) upgrades. Among those vehicles, at least 22 million will also be able to get firmware upgrades, according to a new report by ABI Research.
ABI Research expects approximately 625 million consumer vehicles will be sold between 2016 and 2022. So, the percentage of OTA-enabled vehicles across the 2016 to 2022 timeframe would be 32% of the total sold.
In 2014, General Motors started its own cybersecurity group, HackerOne, a company that connects companies with security researchers.
Last year, two major U.S. auto trade associations opened an Information Sharing and Analysis Center. The organization will help to share cyber-threat information as well as potential vehicle vulnerabilities.
Also last year, after the Chrysler Jeep Cherokee hack, companies that provide cybersecurity software and services — such as Cisco — have seen an increase in interest by automakers, according to Egil Juliussen, director Research at IHS Automotive Technology.
Sign up for Computerworld eNewsletters.