Big Automakers Aren't the Only Ones Keeping Hackers Out of Your Car

Ready or not, connected cars and the increasing challenges they bring, are here. 

A rise in technology-laced vehicles has exploded as companies like Tesla (TSLA) , General Motors (GM) , Fiat-Chrysler  (FCA) and Toyota (TM) , as well as nontraditional players like Alphabet (GOOGL) , Apple (APPL) and Uber try to make driving easier, safer and less expensive for the everyday consumer.

But with the widespread adoption of technology in vehicles -- the market is expected to hit 250 million connected cars by 2020 -- automakers have to increase their cybersecurity defenses just as they have to address physical safety precautions for these high-tech vehicles. With more cars on the road using the internet, the more threat they face from hackers.

Researchers behind new cybersecurity technology said 81% of passengers expect automakers to provide security in their cars, like they would expect seat belts or airbags.

So to combat the ever-expanding world of hackers and cybersecurity threats -- which can be the culprits of hijackings, data breaches and accidents -- companies like Tel-Aviv-based Argus Cyber Security, Security Innovations of Wilmington, Md., and Savari out of Silicon Valley, are taking the wheel.

But automakers seem to be about 20 years too late.

Yoni Heilbronn with Argus said the demand for security technology has increased so rapidly over the past five to 10 years that automakers have not been able to keep up. They don't have the time to develop it, while companies like Argus have already claimed to master it.

The privately held company has 20 patents in vehicle cybersecurity that solely work to eliminate bugs and defend against hackers, with some larger investments from companies like Allianz ALV.

Heilbronn said Argus is a product of Tel-Aviv's burgeoning cybersecurity industry, which originally grew out of a unit in Israel's Defense Forces called Unit 8200.

Argus' tech can be paired with autonomous driving features that seem to be gaining popularity in the industry right now, Heilbronn said, because as soon as a vehicle becomes connected to other cars on the road, infrastructure or the web, it becomes vulnerable.

Heilbronn said the technology involved in security needs multilayered systems. Every hacker has different skills, motivations, resources and time. Heilbronn said you can compare Argus' technology to a guarded castle. Imagine a moat filled with crocodiles, and a team of cavalry on the other side of the water with weapons raised. You can see the drawbridge, and men with buckets of hot oil at the top, just in case you make it over the mile-high barrier.

Reports of hacks have been prevalent since 2012, and Heilbronn said he had been warning automakers of these threats for years before that. He spoke to Congress after reports of a hacking of a Jeep Wrangler in the U.S., which he calls the "watershed" of the industry.

"Really, we shouldn't wait for something to happen in order to think that something should be done," he said.

Paul Sakamoto, Savari COO, has a similar take on the state of automotive cybersecurity.

Alphabet is a holding in Jim Cramer's Action Alerts PLUS Charitable Trust Portfolio. Want to be alerted before Cramer buys or sells GOOGL? Learn more now.

"We might end up with a physical danger issue, so we have to get out in front of it," Sakamoto said.

Savari, based in Santa Clara, Calif., began in 2008 after CEO Ravi Puvvala began testing vehicle messaging technology while working at Atheros Communications, acquired by Qualcomm (QCOM) in 2011. The company started primarily with research, and now provides tests in security and privacy for connected cars.

Savari uses vehicle-to-vehicle, or V2V, technology -- a messaging system that allows cars to communicate on the road, in hopes of preventing human error crashes -- which some see as a steppingstone to autonomous driving.

Sakamoto said his primary concern for connected cars is that if consumers don't trust the technology to be gridlocked from hackers, they won't trust the technology to keep them safe on the road.

The tech is supposed to give "real-time safety" for passengers, predicting movements like merging cars, red lights or cars slowing down, even when a driver can't see the threats. 

In terms of hacking, the technology isn't necessarily actively fighting breaches, compared to Argus' technology, but V2V is supposedly designed with hacking in mind; it's sealed shut to prevent either a physical intruder or a laptop user from a remote location.

Most commonly, breaches are successful when the hacker has some sort of physical access to the car, and usually for a long time, Sakamoto said.

Companies working without V2V technology in connected cars using any kind of internet computer system are more vulnerable to breaches, whether the hacker has physical access to it or not. And experts say the tech works the most efficiently when every vehicle on the road is communicating. But that could take time and money.

The average age of cars on the road is about 11 years old, according to the Department of Transportation, and initial estimates are that the technology could cost $300 million to $2.1 billion by 2020.

Heilbronn said V2V acts as a communicator between vehicles and infrastructure, which ultimately could leave holes in security. Debates about the scope of autonomous cars' safety and privacy continue to be hotly debated as the competition for security is notably between a few larger companies and startups.

"It's one of the great shames of our current state [that there are] all sorts of debates that come up when you talk about things like this," Sakamoto added. "Any technology could have negative issues."

In the first six months of 2015, there was a 14% increase in fatalities by traffic incidents, compared to the same six months in 2014. V2V and similar technology has the potential, if used by every car on the road, to reduce the number of nonalcoholic-related crashes by 80%, according to the U.S. Department of Transportation.

Pete Samson, senior vice president and general manager of Security Innovations, said that in order to put the technology into every vehicle, consumers have to trust it. And he believes that such trust starts with believing that the technology is safe and private. Security Innovations provides cybersecurity software for healthcare, financial, entertainment and technology companies in 27 countries. Some of its larger partners include Disney (DIS) ,  Verizon (VZ) , Alphabet GOOG  and Coca-Cola (COKE) .

In all, experts say efforts have and will continue to make vehicles more safe and user friendly, and automakers are entering the mix as well. Fiat Chrysler launched a program that pays hackers to discover flaws in its vehicles after a hacking incident last year caused the company to recall 1.4 million vehicles. The Italian-U.S. company will pay the hackers $150 to $1,500, the Wall Street Journal reported.

General Motors is doing the same through the program HackerOne, but in exchange for information, the company will protect the hackers legally.

Toyota has little to no information available on its anti-hacking efforts, and neither does Volkswagen (VLKAY) , except some information about the legal dispute that reveals the company was hiding research on hacking from 2012.

The first cars on the road with the option for this new technology will be the 2017 Cadillac CTS.

But cybersecurity analyst Morgan Wright said as of now, he's not convinced and won't be buying a car with this technology any time soon.

"The real danger here is that it's the hubris of the industry that thought this could never happen to them," Wright said. Many of the changes by automakers so far have been "lip service," and 20 years too late, he added. Instead of relying on technology in vehicles, Wright is of the mindset that consumers should pair their skills with these technologies.

"I'm not against progress, but I'm against ... deploying things faster than we can secure them," he said.

If you liked this article you might like

Tesla and Con Ed to Test Powerpack Battery Systems in New York

Tesla and Con Ed to Test Powerpack Battery Systems in New York

Why I Have Major Concerns Tesla Is a Viable Company

Why I Have Major Concerns Tesla Is a Viable Company

What Stock Market Correction?

What Stock Market Correction?

3 Amazing Dividend Stocks to Buy With the Dow in Turmoil

3 Amazing Dividend Stocks to Buy With the Dow in Turmoil

Let's Just Face It, This Is a Correction

Let's Just Face It, This Is a Correction