Consumers are becoming more and more aware that hacking isn’t just a gadget nuisance any more. Computer security problems, like viruses, increasingly come with real-world consequences — like the potential to screw with an airplane’s flight system, or more recently, a car. Wired’s Andy Greenberg last month revealed to the world the latest hacking horrible — security researchers were able to “kill” a Jeep while he was in it.
Checked patch, looks good. Well done Chrysler! Now, back to a vulnerable version for more testing! pic.twitter.com/RdBOyrRPuc
— Charlie Miller (@0xcharlie) July 20, 2015
“Though I hadn’t touched the dashboard, the vents in the Jeep Cherokee started blasting cold air at the maximum setting, chilling the sweat on my back through the in-seat climate control system,” Greenberg wrote. “Next the radio switched to the local hip hop station and began blaring Skee-lo at full volume. I spun the control knob left and hit the power button, to no avail. Then the windshield wipers turned on, and wiper fluid blurred the glass.”
Later, the hackers demonstrated they could stop and steer the car remotely using a software vulnerability. Yikes.
The digital carjacking incident was a huge embarrassment for Jeep maker Fiat Chrysler, which recalled 1.4 million cars to fix the software.
But pity poor Chrysler, which just happened to be the first car maker to end up with egg on its face. Increasingly, cars are run by computers, and increasingly, that means hacks like this are inevitable.
Consumers seem to implicitly understand this. Kelley Blue Book jumped at the news to churn out a survey of users showing that, yes, they all know about the Jeep incident, and yes, they all (ok, 4 out of 5) think car hacking will be a problem within the next three years. Much to my surprise, many even said they’d pay for hacking protection services, with $8 per month being the preferred cost. I smell a marketing opportunity for antivirus makers! I also smell a rat — why should consumers have to pay extra to keep computer criminals out of their cars? (And while I’m at it, could I make a final, fruitless plea to save at least some dashboard gauges and knobs? I *hate* digital displays.)
On to the results:
- 72 percent said they are aware of the recent Jeep Cherokee hacking incident.
- 41 percent said they will consider this recent vehicle hacking incident when buying/leasing their next car.
- 78 percent said vehicle hacking will be a frequent problem in the next three years or less.
- 33 percent classified vehicle hacking as a “serious” problem; 35 percent classified it as a “moderate” problem.
- 58 percent do not think there will ever be a permanent solution to vehicle hacking.
- 41 percent think pranking is the most common reason for hacking a vehicle; 37 percent think theft is the most common reason for hacking vehicle.
- 81 percent think the vehicle manufacturer is most responsible to secure a vehicle from hacking; only 11 percent consider themselves most responsible to secure a vehicle from hacking, and 5 percent see it as the responsibility of their wireless provider.
- 64 percent would prefer to go into a dealership to get a vehicle’s security patch installed; only 24 percent would prefer to do it wirelessly, and a mere 12 percent would prefer to have the software mailed so they could install it themselves.
- 47 percent said they would go to a dealership “immediately” if they knew they had to install a security patch to protect their vehicle from hacking; 31 percent said “within a week,” and 17 percent said “within a month.”
- 44 percent would prefer to be notified via mail, and 41 percent would prefer to be notified via e-mail, in the event their vehicle was recalled. Only 11 percent preferred notification via a phone call, and 5 percent preferred text.
- 52 percent indicated they would be willing to pay for a monthly subscription to ensure that their vehicle would be completely protected from hacking, with $8 being the average respondents would be willing to pay each month.
“Technology offers a wide range of enhanced convenience for today’s new vehicle buyers, but it also offers the increasing potential for unauthorized access and control,” said Karl Brauer, senior analyst for Kelley Blue Book. “Cyber-security is still a relatively new area of specialization for automakers, but it’s one they need to take seriously to ensure they are ahead of the curve. If automotive engineers find themselves playing catch-up in this field, it could have disastrous results for both consumers and the industry.”