Hacker alert: Vehicle telematics insider shares key info on cyber crime and cars
Share this article:
JOHANNESBURG - Telematics systems in modern vehicles (like most IoT devices) are not immune from cybercriminal attacks, but choosing your tracking device carefully can make a difference when it comes to your vulnerability. With technology changing at such a rapid pace what used to be cutting edge three years ago is now already considered old technology. Processing capacity is more than doubling every 18 months. So, if you wouldn’t use an old cell phone why would you have an outdated telematics tracking device in your car? Tracking devices today have evolved to much more than just location alerts in times of trouble.
TIME FOR A TECH UPGRADE
Wahl Bartmann, CEO of Fidelity Services Group, says it is encouraging to see just how far telematics communications technology has changed – evolving from a low-density radio frequency in the 1930s to GSM in the late 1990s to IoT (Internet-of-Things) networks in the late 2010s, and more recently as an integrated lifestyle service that compliments your needs and offers features previously seen in separate applications, services and devices.
Cyber security is a key aspect in today’s modern tracking systems and is one of the key reasons that Fidelity has partnered with Amber Connect, a technology leader in telematics to offer the Fidelity SecureDrive vehicle tracking system (designed for South African conditions).
When it comes to cyberattacks there are at least three points of attack. The first is the end-user device, the second is the collection point for the device’s data and thirdly the portal/mobile app that displays the data.
South Africans often consider themselves invulnerable to cyberattacks however it’s because of this mindset that criminals are increasingly targeting South Africa in these attacks according to Bartmann.
He says to protect against such attacks, telematics devices and modern communication networks send secure data to the servers through their own encrypted protocols. “The most likely point of attack is the web portal/mobile application,” he explains. “Attackers leverage common application attack tools and techniques, including social engineering, password brute-forcing and other ways of doing so, to access information.” He adds that SecureDrive’s systems are designed with end-to-end encryptions and are provisioned with many security layers to prevent just such an attack and to future proof these devices through continued improvement of the back-end technologies.
“We use highly secure end-point devices, a secure collection service and have implemented several safeguards to protect the customer portal and mobile application. The system also has a user management feature that allows only an authenticated user to access their own information,” he says.
WHY YOU GET HACKED
Commenting on the type of information cybercriminals look for, he says this is personal identifiable information supplied by the user, typically driver and location information.
If accessed by cybercriminals, this can provide criminals with a wealth of information, particularly if it is coupled with a positive identity of the person or persons in the vehicle as well as vehicle location and driver habits. “Not only can it be used for blackmail, but also real-time avoidance of law enforcement, kidnapping and home invasion,” Bartmann says.
He says it is very important to select a device from a service provider who is not only aware of the security posture of each ‘link’ in the solution chain but has taken proactive steps to ensure that these links are secure from unauthorised use and tampering.
Bartmann concludes: “Your service provider should have active monitoring in place to identify any attempts at unauthorised access, suspicious behaviour and technical security controls. It is worth asking to see the cybersecurity solution overview for whichever service provider you choose.”
KEY TAKE AWAYS
When selecting a vehicle telematics system, ask your service provider about the following:
1) Anti-theft technology – Particular telematics providers offer optional features that prevent a vehicle from being started based on parameters set by the user. For instance, the application could be configured to either sound an alarm on start or to automatically prevent the car from being started between certain hours, within certain locations using geo-tagging. Additional features include the ability to configure alarms if the car door or trunk is opened.
2) Driver behaviour analytics – To alert the driver, for example, when they are exceeding the speed limit, turning too dangerously, driving aggressively or braking too harshly, as well as creating geo-fenced areas that warn users when they enter these areas. These features assist with creating driver awareness as well as helps prevent issues when children borrow a parent’s vehicle or as a safety measure to warn drivers if they enter an unsafe area.