Why over-the-air vehicle software is becoming a cybersecurity concern for automakers

Why over-the-air vehicle software is becoming a cybersecurity concern for automakers

Automakers have increasingly turned to over-the-air, or OTA, technology to update vehicle software and systems without a trip to the workshop. Analysts say that shift has made modern cars more exposed to cyberattacks, prompting calls for stronger oversight across the sector.

OTA systems allow manufacturers to send new software, firmware, fixes and data wirelessly to connected devices. Tesla helped popularize the approach when it began rolling out OTA updates for Model S vehicles in 2012, and experts say the method is now widely embedded throughout the auto industry. Supporters point to its speed and lower cost compared with traditional recalls or maintenance-based updates.

Security concerns extend beyond cars

The same convenience has raised alarms about transportation infrastructure and national security. According to analysts cited in the report, OTA-enabled systems could create opportunities for data theft, sabotage or interference with vehicle controls. One expert described the issue as a unique national security concern, noting that countries including Norway, Denmark and Britain have already voiced worries about the possibility of foreign actors affecting moving vehicles.

Those concerns are not purely theoretical. Late last year, Norwegian bus operator Ruter tested two buses and found potential risks tied to OTA technology. The company said one bus had access to its battery and power systems through a mobile network and a Romanian SIM card, meaning it could theoretically be stopped or disabled by the manufacturer. That finding prompted investigations in the U.K. and Denmark, while Britain’s transport department said it was examining the issue with the National Cyber Security Centre.

Although those probes involved buses made by Chinese manufacturer Yutong, experts said the risk is broader than any single company or country. OTA systems are also spreading into rail, maritime transport, aerospace, industrial machinery and robotics, widening the range of industries that may need to treat software updates as a cybersecurity issue as much as an engineering one.

Source: cnbc.com

Amanda R
Amanda studied cinema before she decided to go to the other side and start writing about movies, TV shows, and celebrity culture. In her free time, she loves to travel and New York is her favorite city in the world.