A 2014 Jeep Cherokee on stage at the New York International Auto Show in New York.  Picture: REUTERS/LUCAS JACKSON
A 2014 Jeep Cherokee on stage at the annual New York International Auto Show in New York. Picture: REUTERS/LUCAS JACKSON

BUILDING on its expertise in technology, Israel is emerging as a leader in the race to keep cars secure and prevent the nightmare scenario of a hacker commandeering your vehicle.

Most cars today are equipped with some level of connectivity and self-driving vehicles are being developed. Given this level of sophistication, protecting cars from contamination with malicious software has become big business.

"We view this as a potential $10bn market opportunity over the next five years," says Daniel Ives, an analyst with FBR Capital Markets in New York.

"As we have seen with cyber security over the past decade, the lion’s share of the innovation going after this market is from Israel and Silicon Valley."

Fiat Chrysler recalled 1.4-million vehicles to install new software last year after cybersecurity researchers showed they could turn off a Jeep Cherokee’s engine as it drove. Software manipulation, albeit intentional, was also behind Volkswagen’s emissions scandal.

From its headquarters in Tel Aviv, Check Point, one of the world’s largest cyber security firms, pioneered the computer firewall two decades ago. It hopes to repeat that success with a security capsule for vehicles.

Connected cars need a two-pronged defence. First, they must make sure nothing bad gets in, such as a virus sneaking through a navigation system. Then they have to keep internal communications secure to allow functions such as side-view mirrors that angle down when vehicles are put into reverse.

Check Point is focusing on protecting the car’s external gateway, says Alon Kantor, vice-president of business development.

After two years of meeting car makers and their top suppliers, they now have a working proof-of-concept. "The car manufacturers didn’t know exactly what cyber security was. We had to study the networks in different cars. It was mutual learning," he says.

With Check Point’s system, everything going in and out of the car passes through the company’s cloud-based network, where it is inspected in real time and malware is blocked. "The idea is to prevent the next recall and handle all security and updates over the air," Mr Kantor says.

Experts warn that hackers may eventually try to track driving patterns, interfere with fleet management or falsify information passed electronically to insurers.

"Vehicle makers are working to keep pace with the dynamic nature of cyber threats by incorporating security by design, developing internal expertise, and cultivating partnerships — both procedural and operational — with organisations specialising in cyber defence," says the Alliance of Automobile Manufacturers, a Washington-based association of 12 of the largest car makers.

About 420-million connected cars will be on the road in 2018, and the number has risen 57% annually since 2013, says market researcher IDATE.

Technology companies are alive to the business opportunity. Last week, Harman International Industries, a maker of connected car systems, said it was buying Israeli-founded cyber defence start-up TowerSec to protect its products with market-ready platforms.

Israeli media estimates the deal at $70m. IBM and CISCO have asked their teams in Israel to work on protecting cars.

"What makes cars so vulnerable to attack is that they are such complex systems," says Yaron Wolfsthal, head of the IBM research centre in Beersheba.

Premium cars can run on up to 100-million lines of software code — about 12 times more than the new F-35 stealth fighter jet.

IBM has developed a comprehensive prototype, Mr Wolfsthal says, and is looking to integrate it with a car manufacturer. The programme will be connected to other IBM systems that can spot patterns of security breaches.

Check Point says it showed executives from a few large car makers that it can hijack their car’s external communication channel using a handheld transceiver and frequency jammer, both of which can be bought on eBay for a few hundred dollars, and a laptop computer running open-source software.

Reuters