The WannaCry ransomware attack this week shocked the world, and the ripples will be felt for months to come. It demonstrates that cyber criminals are stepping up their campaigns and one sector increasingly at risk is autonomous vehicles.
Whilst no cyberattack on self-driving cars has yet been made, the danger was highlighted last year when 1.4 million vehicles in the US were recalled. Researchers found they could hack wirelessly into an automotive telematics system and shut down the engine.
This brings further complexity to an industry already beset with challenges. It forces us to consider just how disruptive and potentially lethal a cyber-attack could be as our cars increasingly become IoT connected in the future. Customers are already looking to manufacturers for answers. In recent years, some well-known brands have made headlines for failing to issue a timely recall – unforgivable in the eyes of customers whose safety they feel should be a primary concern, says Farzad Henareh, vice president Business Development EMEAA, Stericycle ExpertSOLUTIONS.
An RSA conference last year determined that consumers feel the vehicle manufacturer has ultimate responsibility for securing a vehicle from hacking, and 2016 saw the highest number of automotive recalls since records began. There are many and various reasons, but it’s no coincidence that the growing use of new components and software that allows drivers to take advantage of connected features has played its part.
Car manufacturing is governed by very strict rules, but when it comes to connected and autonomous cars, technology is evolving more rapidly than safety regulations which has left a gap, making consumers potentially more vulnerable to risks and creating a veritable minefield for businesses, where preparation is the key to survival.
The same issues also apply to mobile IoT connections and smart metering, where lack of regulation is causing confusion, making manufacturers more likely to retrieve a product from the market rather than leave themselves open to reputational and brand damage.
When it comes to consumer products, the smart technology that enables them to be IoT connected also puts them at greater risk of technical fault. The long-term use of domestic appliances such as fridges and washing machines may become a thing of the past as their complexity makes them more difficult to fix, and increases the likelihood of recalls.
Once a recall occurs, executing the event and disposing of the affected product is also more complicated as technologically advanced products often include potentially hazardous materials that face their own regulations.
In a report we prepared at the end of last year, we highlighted the issue of IoT and cyber-security. We cited the use that hackers made of IoT connected digital recorders and webcams to disable the Internet infrastructure provider behind some of the world’s biggest and most popular websites in 2016.
Within a week of such an incident, a Chinese manufacturer hit global headlines, forced to launch a massive recall of its cameras when they were found to have security flaws that could have been compromised. This is the worry for all manufacturers of connected devices. Now, more than ever, there is a focus on whether their solutions actually pose a real risk to homeowners.
This level of scrutiny will result in more products coming under the spotlight and inevitably, if security vulnerabilities are found, this will mean more recalls, and worse, legal action.
So, there is clearly a balance to be struck between embracing the many advantages of IoT solutions and the enhancements they bring to our lives, with the challenges that they can present to manufacturers and the risks to consumers.
The arrival of regulations, whilst protecting consumers, will also be an advantage to manufacturers, enabling them to work within set guidelines and reduce the chances of recalls occurring.
However, while we wait for this to happen, manufacturers who are faced with the daunting prospect of a product recall – or even those who aren’t yet – may want to consider the advantages of seeking third-party expert help to collate a best practice recall plan. Retrieving IoT connected devices from the market needs careful consideration, with the insight that only an experienced company is able to provide.
The author of this blog is Farzad Henareh, vice president Business Development EMEAA, Stericycle ExpertSOLUTIONS