Avoiding a Cybersecurity Car-tastrophe: UN adopts regulation for cyber-cars

July 16, 2020

2 min read

Sign up to our mailing list! 👇

What's going on here?

The UN is to adopt a new regulation which will require car manufacturers to ensure their connected vehicles cannot be subject to a cyber-attack.

What does this mean?

The modern car is becoming ever more advanced, with new apps and online features making driving not only safer but a customer’s heaven. However, innovation such as this comes at a cost. Hackers have been attempting to exploit access to these systems to gain customer and vehicle company data. What’s worse is that these hacks also risk interfering with safety functions. The UN regulation, which was adopted by 53 countries but excludes the US, is designed to combat this threat. Manufacturers will now need to make sure that “vehicles are built with cybersecurity protections” and ensure suppliers are cyber-secure.

What's the big picture effect?

In July 2020 BMW announced that it planned to “build cars on a subscription model.” All cars would be identical but, if the customer so chose, they could upgrade the car at any point on “BMW’s digital platform”. For example, they could choose to upgrade to heated seats or satellite navigation and these are the only features you would see. McKinsey & Co. estimate that by 2030 cars will have “300 million lines of software code,” which they compare to the modern aircraft’s mere 15m. As a result, cybersecurity spending on cars is set to increase to $9.7bn from $4.9bn by 2030. 

The UN regulations are designed to ensure that cars will be able to withstand a comprehensive list of cyber-attacks, including the data servers where data is processed and inside the car itself, where drivers could be tempted to download a virus. The list creates a standardised approach to cybersecurity, ensuring no aspect of a vehicle’s supply chain is left vulnerable.

The regulations shift the expectation onto all car manufacturers to do everything in their power to prevent cyber-attacks. But as vehicles become more and more interconnected, these regulations prevent one manufacturer’s lack of security becoming a wider problem for everyone. With data becoming more valuable, hackers will take any opportunity to exploit a vulnerability. Cybersecurity is key to the future; car manufacturers must do everything to ensure they do not become victims of cybersecurity failure. Fail and the consequences may not affect only one company, but the wider car manufacturing industry.

Report written by Michael Johnson

Share this now!

Check out our recent reports!