Return of the Guru

Auto Security Vulnerability Poses Problems for Insurers

Ara Trembly
Insurance Experts' Forum, March 17, 2011

Common sense would dictate that having a remote service like OnStar in one’s car would be a benefit, with the technology allowing for quick emergency response, remote door unlocking and even tracking of stolen vehicles. Like most technologies, however, this one has its down side, and that side has been emphasized by a new report cited recently in The New York Times.

It seems that with a modest amount of expertise, computer hackers could gain remote access to someone’s car—just as they do to people’s personal computers—and take over the vehicle’s basic functions, including control of its engine, according to a report by computer scientists from the University of California, San Diego and the University of Washington, the Times says.

While the article notes that no such takeovers have been reported in the real world, the scientists were able to hack into a vehicle’s systems in an experiment they conducted.

“Because many of today’s cars contain cellular connections and Bluetooth wireless technology, it is possible for a hacker, working from a remote location, to take control of various features—like the car locks and brakes—as well as to track the vehicle’s location, eavesdrop on its cabin and steal vehicle data,” the researchers said. They described a range of potential compromises of car security and safety.

In their remote experiment, researchers were able to undermine the security protecting the cellular phone in the subject vehicle, and then insert malicious software, the article says. This allowed them to send commands to the car’s electronic control unit—the nerve center of a vehicle’s electronics system, which, in turn, made it possible to override various vehicle controls.

The bottom line is that, vandalism aside, cars that are equipped with cellular technology and services are in greater danger of being stolen. Of course, this hasn’t happened yet, but surely having the idea spread worldwide by one of the country’s leading newspapers will give some criminals ideas. And this mode of theft has several advantages, including the fact that the thieves will know when you’re not in the car, and will be able to open and start it looking as if they had the keys. Further, once the vehicle is procured, the cellular connection could be disabled.

From an insurance point of view, these developments pose an interesting quandary. Should auto premiums be higher for cellular-connected vehicles? Maybe those premiums should be lower for vehicles that demonstrate better-protected wireless systems. With the already poor security capabilities of most wireless devices today, however, one wonders what automakers could do to bolster defenses against such an attack.

Ultimately, we may find that we won’t just be able to jump into our vehicles and start them up. Instead, we may need to pass muster with some biometric (fingerprint, retinal scan) device just to gain access to the car. Next, we might have to enter a password in order for the vehicle to start. Sounds like a lot to go through just to take a trip to the supermarket, but just as technology makes things easier for legitimate car owners, it also provides opportunities for the criminally minded among us.

Insurers will have quite a task to determine just how to rate these risks. Stay tuned.

Ara C. Trembly (www.aratremblytechnology.com) is the founder of Ara Trembly, The Tech Consultant, and a longtime observer of technology in insurance and financial services.

Readers are encouraged to respond to Ara using the “Add Your Comments” box below. He can also be reached at ara@aratremblytechnology.com.

This blog was exclusively written for Insurance Networking News. It may not be reposted or reused without permission from Insurance Networking News.

The opinions of bloggers on www.insurancenetworking.com do not necessarily reflect those of Insurance Networking News.

Comments (0)

Be the first to comment on this post using the section below.

Add Your Comments...

Already Registered?

If you have already registered to Insurance Networking News, please use the form below to login. When completed you will immeditely be directed to post a comment.

Forgot your password?

Not Registered?

You must be registered to post a comment. Click here to register.

Blog Archive

Competing with the Coasts for Tech Talent

Are heartland-based insurers at a recruiting disadvantage for tech skills?

Putting Your Investments Where Your Transformation Is: Part 2: Optimizing Your IT Investments Portfolio

Sam Medina continues a 3-part series on Transforming the IT Investment Budget in order to fund new programs and initiatives without the necessity of additional capital expense.

Boosting Performance with Integrated Underwriting Tools

A unified, comprehensive platform can help underwriters perform their jobs more efficiently and profitably.

Opinion: Halbig Decision Creates New Level of Uncertainty for Obamacare

Time will tell if the Halbig decision remains viable. But in the meantime, a new level of uncertainty has been injected into the process.

Apply Mindfulness to Leadership

Managers can benefit from applying this theory both to their career aspirations as well as to interactions and expectations of staff.

Apple's Way: Succeeding in the Enterprise Without Even Trying - Part 3

Today's data centers are doing far more with much smaller footprints.

Advertisement

Advertisement