The majority of Hungarian people aged 18–59 think that car owners are subject to an external hacking attack. Moreover, 90% of car owners (nearly 2.2 million people) and 80% of those who do not have a car (2.7 million people) say that such an attack is a real threat even today. Notwithstanding the above, only 18% of the respondents consider themselves well-informed in this topic, although 55% of them think that car-hacking attacks will create an increasingly serious problem in the future.
The most astonishing finding of the survey was that a high number of car owners (63%, accounting for more than 1.5 million Hungarians) thought that their own cars were not likely to be subject to an external cyber attack. 77% of the cars in private property are equipped with components that may pose a risk, including anti-theft systems, smart functions (in 44% of the cars), on-board computers (31%), or driver-assistant functions (21%). Ziv Levi, CEO of Arilou Cyber Security, member of the NNG group says that a high number of people don’t even have an idea of how easily a car can be hacked, even if it’s not a high-end vehicle. A hacker, who knows the ins and outs of such systems, can hack the anti-theft system of a car from a distance of 10–30 meters. A navigation system can be hacked even remotely, and although one cannot gain access to the critical systems of the vehicle this way, they can navigate the driver to a location completely different from their original destination. In-car smart functions are normally controlled by the use of the phone’s Bluetooth connection, but as smart phones also have an internet connection, a hacker may use this connection to access the in-car systems from any distance. And if a hacker has an extended knowledge of the various interfaces (like Bluetooth radio, smart phone-integration), he may also get access to the security-critical systems of the vehicle. However, the greatest risk is posed by the driver-assistance functions. Normally, they are not directly connected to the internet, however, if you hack one of the numberless in-car ECUs (electronical control units), you can also access the driver-assistance systems, thus gaining complete control of the vehicle. Last but not least, the majority of on-board computers are connected to several external networks (Bluetooth, Wi-Fi, USB) as well as the car’s internal network. Therefore, by getting round some internal infotainment components, a hacker may easily tamper with the car’s own network.
On the positive side, although people demonstrate limited knowledge of this topic, more than 60% of the respondents said that they would take into account the vulnerability of the desired car to external cyber attacks at the next purchase. As digital solutions are gaining ground and the risk of cyber attacks is increasing, car makers have to put considerable emphasis on and allocate substantial resources to this area.
Automotive cybersecurity will probably be a frequently emerging topic in the future. The United States of America has also drawn up a draft law on cybersecurity, conferring traffic authorities with broad powers on governing cybersecurity of in-car systems, thus reducing the risk of a potential cyber attack. Last August, the UK government issued new cybersecurity guidelines for smart cars to ensure that automakers pay attention to the importance of cybersecurity. NNG is continuously working on providing its automotive partners with effective solutions of cybersecurity. Earlier this year, the company announced its first product designed to provide comprehensive protection against the most common hacker attacks.
About the survey
The survey was conducted by NRC Media Research, on behalf of NNG. The five-minute online questionnaire was completed by NRC Netpanel members, the sample size composed of 1,000 respondents, and data collection was based on multistage stratified sampling, a random sample. The survey is representative of the Hungarian population aged 18–59, broken down to age groups, genders, qualifications, and types of domicile.