This isn’t your grandfather’s Ford.

The automotive industry has undergone a revolution in recent years. Connected, autonomous, shared, and electric (CASE) vehicles were once fodder for science fiction, with many movies and tv shows depicting cities of flying cars. Now, commercial car manufacturers are pledging to totally overhaul and electrify their fleets — for example, Chrysler’s plans to be an all-electric vehicle (EV) brand by 2028 and Ford’s push to build 600,000 EVs annually by 2023. 

Even on the business side, there’s a growing business case for autonomous vehicles that could conceivably operate 24/7, boosting productivity. Think about public transit or parcel delivery.

The TL;DR of it all? There’s huge potential and opportunities — even in the last couple of years — for CASE vehicles.

But with this hyperconnectivity and complex deployment of IoT, it begs the question: what about cybersecurity? A new report from Deloitte Canada looks at this issue, noting that the automotive sector needs to be on high alert — and proactive — at addressing the inherent increase in risk.

The new cybersecurity threat to CASE vehicles

In Connecting Canada: Securing the vehicles of the future, Deloitte Canada outlines the new challenges brought by CASE vehicles, impacting manufacturers, suppliers, regulators, fleet owners, and governments.

For starters, Deloitte’s report explains that physical proximity to a vehicle is no longer needed for an attack to occur. In 2021, they outline, remote attacks “largely exceeded” physical attacks. 

Of attacks that were reported, only 15.5% required the attacker to actually access the vehicle. A whopping 84.5% of attacks were remote, with over 50% of all cybersecurity-related automotive incidents taking place in just the last two years.

What type of attacks are happening on CASE vehicles? Citing information from Upstream Security Limited, threats range from diagnostic data manipulation (low-risk), key spoofing and targeted malware (medium-risk), and GPS tracking/stalking and control of acceleration and braking (high-risk).

The aforementioned stakeholders — manufacturers, suppliers, regulators, fleet owners, and governments — all share responsibility of embedding cybersecurity capabilities into operations, the report explains. These need to be considered at five specific stages of the CASE vehicle life cyle: design, manufacturing, rollout, operations, and end of service. 

Ultimately, as the Deloitte team outlines in the report’s final thoughts, “even if a fleet owner or individual consumer does not wish to proactively engage in the new features, the connected vehicle is here to stay, and should therefore be considered when reviewing the cyber security strategy of any business.”

A welcome report

“When you consider the manufacturing of a car, consider it like a large puzzle, with many pieces from software or hardware body parts coming from different providers…When these pieces [from around the world] are put together, one might cause a little bit of a weakness in the operation of the other or open up a new pathway for attacks.”

Mirhassani also added that Canadian-made solutions need to be at the forefront. 

“We can’t always rely on what is coming from Europe, Asia, or the U.S.,” she says. “We have to develop solutions that are Canadian and for Canadians.”

Access Deloitte Canada’s full report

A staggering 63 million jobs are expected to be lost to automation in Asia-Pacific’s top five economies — India, China, South Korea, Australia, and Japan — by 2040, according to a new report from Forrester.

In addition, more than 247 million jobs susceptible to automation (eg. construction and agriculture) are expected to be in jeopardy.

Forrester’s Future Of Jobs Forecast, 2020 To 2040 (India, China, South Korea, Australia, and Japan) report found that while the green economy and information and communications technology sectors will help offset some of these losses (to the tune of 28.5 million new jobs created), there will still be 13.7 million jobs lost in the wholesale, retail, transportation, accommodation, and leisure sectors. 

“To prepare for the changes brought on by automation, the five largest economies in APAC will have to radically rethink their workforce strategies,” explained Michael O’Grady, principal forecast analyst at Forrester.

O’Grady further outlines what areas these regions can broadly focus on to face these challenges — hiring more female workers, for instance, “can help offset working population declines.” He adds that investment in STEM education, tech training, and protecting freelance worker rights are all important to address in the face of this new landscape.

What do some of these challenges look like? According to Forrester’s findings, countries are focusing on job creation, offsetting losses due to automation, and working through an aging workforce.

For instance, in Australia, 11% of jobs will be lost to automation by 2040. This is largely due to the country’s high GDP per worker, therefore incentivizing businesses to save labour costs and improve productivity through automation. 

Japan is facing an aging workforce, combined with a low birth rate. Thanks to these factors, the working population is forecasted to decline by close to one-third by 2050. South Korea is also facing an aging workforce, plus the fact that the economy is closely tied to construction and agriculture — both vulnerable to automation. Their working population will decline by 23% over the next 20 years, Forrester forecasts. 

At the same time, India will add 160 million new workers in the next 20 years. 69% of the country’s jobs are threatened by automation, but the country is focused on job creation to offset this risk.

Finally, in China, 7% of jobs are forecasted to be lost to automation, while the working population is set to decline by 11%. Forrester predicts growth in the information and communications technology sector, leading to 3.8 million new jobs to help offset job losses. 

Apple is warning of a flaw that is allowing hackers to seize control of iPhones, iPads and Mac computers, and is urging users to install emergency software updates.

Patches were released Thursday and Wednesday by the tech titan to fix what it described as a vulnerability hackers already knew about and may be taking advantage of.

“Apple is aware of a report that this issue may have been actively exploited,” the Silicon Valley-based company said.

Apple did not disclose whether it had information regarding the extent to which the issue has been exploited.

The technical description indicated that a hacker could use the flaw to take control of devices, accessing any of its data or capabilities.

Patches were released for iPhones, iPads and Mac computers running on operating systems with the vulnerability.