TOKYO -- Japan is stepping up efforts to protect increasingly computer-controlled cars, trains and aircraft from cyberattacks ahead of the 2020 Tokyo Summer Olympics.

     Officials in charge of information security at automakers, railway operators and air carriers cannot afford to lose a battle of wits with their invisible enemies -- hackers -- as they strive to prevent worst-case scenarios, including accidents and disruptions of service.

Japan's move to step up cybersecurity comes amid an upward trend in the number of cyberattacks in the country, especially on certain companies and organizations.

Connected cars

Eva Chen, CEO at Trend Micro, a major information security firm, warned that information security measures for cars will become even more important with the spread of Internet-connected vehicles.

     Chen's warning is based on her own experience. When she was driving her Internet-connected car on a highway on the U.S. west coast in the autumn of 2015, the vehicle's display panel, showing the speedometer and navigation system, suddenly went black.

     The car in question was an electric vehicle produced by a major carmaker. Despite Chen's warning, however, it is still unclear whether her car's display panel went black as a result of a cyberattack.

     Two security researchers who claimed to have hacked into a car produced by Tesla Motors, the major U.S. EV maker, grabbed the spotlight at Def Con, a conference for hackers and information technology professionals, in Las Vegas in August 2015.

     Marc Rogers and Kevin Mahaffey explained at the conference how they had hacked into the Tesla Model S sedan. They had discovered vulnerabilities in software installed in the Model S and were able to make the EV come to a standstill remotely using a smartphone.

     "The reason we hacked the Model S is that it is the most connected car in the world," Rogers said, quoted by media outlets.

 Tesla said it welcomes the efforts of "whitehat hackers," like Rogers and Mahaffey, who discover and report software vulnerabilities.

     In response to the two whitehat hackers' report, Tesla issued a statement saying that it had already distributed a software update to fix the vulnerabilities in the Tesla Model S.

     Fiat Chrysler Automobiles, an Italian-American automaker also known as FCA, recalled 1.4 million vehicles following a similar hacking attack on the Jeep Cherokee in 2015.

     The attack on the Jeep Cherokee was carried out by prominent security experts to issue a warning over the safety of Internet-connected cars.

     The Japan subsidiary of ETAS, a German company developing automotive software, provides security assessment test services to Japanese automakers developing self-driving cars.

     A self-driving car contains many electronics parts and is equipped with complicated systems. Toyota Motor and some other automakers are racing to commercialize their self-driving cars around 2020.

     The Japan subsidiary of ETAS said that demand for its security assessment test services is growing strongly among Japanese automakers, as they need to discover vulnerabilities in the early stages of development and take necessary measures.

Trains and aircraft

In addition to automakers, railway operators and air carriers are also under growing pressure to strengthen information security measures ahead of the 2020 Tokyo Summer Olympics.

     Officials in charge of information security at railway operators and airlines want to prevent cyberattacks similar to the ones that have occurred abroad in recent years targeting trains and aircraft.

     In Poland, for example, a 14-year-old boy hacked into the information system of a railway operator, stole technical information and eventually derailed a train in 2008. The teenager had modified a TV remote control and used it to change track points.

A report from the U.S. Government Accountability Office sent shock waves through the global aviation industry in the spring of 2015. The report pointed to security problems with flight-control systems of commercial aircraft.

     The news reports said that commercial airliners could be hacked in-flight as a passenger with a laptop in the cabin can take control of an airplane via the airplane's Wi-Fi system.

     Many information security experts agree, however, that such a cyberattack on aircraft could not take place as an airplane's flight-control system is usually separate from its Wi-Fi system.

     But an official in charge of information security measures at All Nippon Airways said that ANA is not complacent about cybersecurity.

     ANA is always monitoring all systems related to the operation and maintenance of aircraft to detect any abnormalities. "We are trying to improve our cybersecurity measures every day, thinking that they are not perfect yet," the official said.

Cyberattack warning

Michael Smith, chief technology officer in charge of information security in the Asia-Pacific and Japan at Akamai Technologies, a major U.S. content delivery network services provider, predicted that the number of cyberattacks in Japan will rise further in the future.

     Smith warned of cyberattacks in Japan, especially by so-called hacktivists, who engage in the hacking of computer networks and systems as part of protests over social and political issues.

     In fact, there have been many cyberattacks on Japanese companies and public organizations by hacktivists campaigning against the country's whaling and dolphin hunting since around September 2015.

     Smith said that hacktivists often launch cyberattacks during high-profile international events. Japan needs to prepare for such attacks as it hosts many big international events in the years to come, Smith said.

     Smith specifically cited the summit of leaders from the Group of Seven major industrialized nations in Mie Prefecture in May this year, the 2019 Rugby World Cup and the 2020 Tokyo Summer Olympics.

 

Additional information