Major automakers such as Google and Tesla are racing to build fully autonomous cars, creating a future where people of all ages and locations can get around easier. These future smart cars could also help dramatically reduce the annual deaths that result from automobile accidents.
However, like connected vehicles and their onboard multimedia systems, these new self-driving, “safer” technology elements, could end up leaving the cars vulnerable to hacker strikes. With risks such as these, it’s critical in a new world of constantly connected devices, particularly autonomous vehicles, to make sure cybersecurity measures go beyond more than just complex encryption.
What makes them so vulnerable?
The answer to this question can vary on what kind of self-driving car you are driving and how connected the car is to the outside world. For example, a car would be more susceptible to a cybersecurity attack if the car does any significant computations by connecting to the outside world via the cloud, needs some sort of internet-connectivity for its functionality or completely relies on outside sensors for making all decisions.
As has been proven time and time again, any computerized system that has an interface to the outside world is potentially hackable. With this risk known, experts know that it is very difficult to create software without any bugs—especially when the software is very complex. Therefore, very complex systems such as self-driving cars might contain vulnerabilities that may be potentially exploited by hackers or may rely on sensors for making decisions that could be manipulated by hackers. An example of this would be a road sign that looks like a stop sign to a human might be constructed to look like a different sign to the car. In fact, more and more research papers have been appearing lately that are demonstrating such tricks against machine learning systems.
On a separate note, it’s important to realize that today’s smart cars transmit information wirelessly about their operation such as speed, acceleration and braking. Since the data is so detailed, it is attractive to cybercriminals and leaves drivers vulnerable. In a recent study, researchers in a blind test were able to correctly identify drivers by simply comparing data sent by their vehicles with their known driving habits. It’s also important to note that since vehicle functions like engine management system, control gauge cluster, airbags and sound and communications systems are interconnected, and if unencrypted, provide channels through which hackers can take command of a vehicle.
A cybersecurity perspective
Though the future of driverless cars seems exciting, inventive and practical, from a cybersecurity lens, driverless cars present a number of unique considerations, challenges and risks. While many of the issues at play are not necessarily unique to driverless cars, these connected vehicles collect massive amounts of information by design and travel into areas that may often increase the risk of unintended disclosure. Moreover, these vehicles may be used to cross borders and enter jurisdictions that require the protection of information in vastly different legal ways. As the technology continues to develop, manufacturers are encouraged to build sound privacy and cybersecurity practices into the foundation of the design.
Do you think the benefits of smart cars outweigh the risks? What other cybersecurity concerns did we not talk about in relation to smart cars? Share your thoughts below!