Your client’s car stores a lot of their personal data—from biometrics to driving habits, to phone contacts, and more—and that could mean they’re being unduly exposed to cyber-attacks.

Modern cars use sensors and connected technology to make driving easier, safer and more seamless. The problem is, they may also expose drivers to personal data breaches and even present an increased risk of car theft, says one P&C broker.

“Similar to ransomware,” poses Steven Harris, licensed insurance broker and expert at LowestRates.ca, “could something like that happen on a vehicle?”

The answer is yes, Harris says. “You could see situations where people’s vehicles, for all intents and purposes, are bricked, and you can’t access them or operate them, provided you pay that ransom to restore the functionality of your vehicles.”

And with technology presenting more opportunities for vehicles to be cyber-hacked, is it possible a cybercriminal could take control of a car’s steering or braking?

“There’s instances or examples out there where they control the headlights of the vehicle and things like that. So, there’s definitely concern,” Harris says.

“It’s early days,” he adds, but so far, the industry hasn’t seen cases of hackers accessing driving functions.

The bigger risk, at least for now, is that drivers may involuntarily expose their data to hackers when they connect their phones to their cars. This leaves them vulnerable to cyber-attacks, ransomware or extortion, and identity theft.

A recent HSB survey found 72% of consumers sync their phones with their personal vehicles and another 60% store personal information in their vehicle computer systems.

Then, some drivers use telematics devices to monitor their driving habits on behalf of insurers. They can either be plugged into a vehicles’ dashboard or downloaded by the driver as a smartphone app. But this can also be a potential cyber security risk.

Plus, many modern vehicles use sensors and cameras that both survey your surroundings and track your driving habits. This information has the potential to tell hackers a lot about a person’s neighbourhood and their routines. This could leave them vulnerable to car theft, should a hacker obtain this information.

Not to mention how many thieves are already using signal jammers to hijack drivers’ key fobs and steal their car.

“We lose sight pretty easily of how much data can be stored in these vehicles now as they get more and more connected,” says Harris. “The concern is, could that information be compromised or potentially used against you in a way where cybersecurity insurance could come into play and provide protection?”

Though still a fledgling risk, there’s not a robust insurance product suit designed to address auto cybersecurity—at least yet, Harris says—though there are some U.S.-based examples to draw from.

One is Munich Re’s HSB, which recently introduced cyber insurance for autos. It covers attacks on personal data that’s connected and stored in a vehicle.

However, without many products on the market designed for this risk, brokers must advise their clients to take precautions of their own, lest they find themselves vulnerable.

For example, drivers should be wary about the information they save in their phone apps or car. Saving your home or work address on Google Maps may tell a hacker exactly where you live.

 Other precautions include:

  • Limiting permissions on your phone 
  • Keeping your car’s software up-to-date 
  • Thoroughly reviewing the privacy policies of apps you’re connected to  
  • Avoiding public Wi-Fi networks 
  • Turning off Bluetooth when not in use 

 

Feature image by iStock.com/dusanpetkovic