By Tala Issa
The ‘connected’ car, while still in its early stages, is expected to improve traffic flow and most importantly, consumer safety. However, concerns have been on the rise about the cybersecurity element of these vehicles.
As they are connected to the internet, it could mean that cybersecurity risks are present, would could essentially make it a playground for hackers.
Indeed, any discussion regarding autonomous vehicle safety must consider both the cyber and physical components.
The prospect of driverless cars offers a great deal of advantages when it comes to physical safety. Autonomous cars are a very safe option for those who are unable to drive like the sick or the elderly. Another benefit would be their immunity to human limitations. Humans can often become very tired if they have been driving for long distances, hence making them drowsy or they could be distracted by their phones while they are driving. Then there’s also the tendency for those in a hurry to over-speed, and the list goes on. Autonomous cars have the ability to detect any sudden interferences as they are equipped with many sensors and unlike humans, they are able to notice barriers early which could in turn, avoid fatal accidents. Moreover, autonomous vehicles have the ability to eradicate collisions with other vehicles. Driverless cars can actually recognize the presence of other cars and can make an estimate based on the size and speed at which the other vehicle(s) is (are) moving. Also, they are able to read road signs through light-detecting and ranging sensors. Another vital element of this innovative technology would be their use of GPS technology which could drastically improve traffic flow as they can detect the densely traffic-packed roads.
However, this technology brings with it some perils too.
A new report titled ‘Kill Switch: Why Connected Cars Cab be Killing Machine and How to turn them off’, LA-based consumer watchdog has stated that connected cars are becoming the norm very rapidly and have deemed it a risk to national security.
“The troubling issue for industry technologies is that these vehicles’ safety-critical systems are being linked to the internet without adequate security and with no way to disconnect them in the event of a fleet-wide hack,” the report read.
It also said that despite industry executives being well aware of the risks posed by connected cars, they still seem to proceed with deploying the technology and encouraging its use, which, the report argues, essentially means they are putting profit first and safety second.
The report read, “Millions of cars on the Internet running the same software means a single exploit can affect millions of vehicles simultaneously. A hacker with only modest resources could launch a massive attack against our automotive infrastructure, potentially causing thousands of fatalities and disrupting our most critical form of transportation.”
It also mentioned that due to the amount of attacks which have taken place over the past few years alone, it seem that we are in the era of cyber warfare and that an attack “targeting transportation infrastructure is a growing possibility”.
The concern here is that hackers could have the power to impose property damage and even deaths. This could be particularly threatening to some sensitive industries and could lead to dire consequences. However, the military and aviation industries have avoided connecting dangerous machines to a network and the report mentioned that the “auto industry has yet to learn this lesson”.
This report constituted of a five-month study with the cooperation of car industry experts, engineers and technologists.
One of the ‘whistleblowers’ from within the industry who participated in the study stated, “You can control all sorts of aspects of your car from your smartphone, including starting the engine, starting the air-conditioning, checking on its location. Well, if you can do it with your smartphone, anybody else can (do it) over the internet”.
Consumer Watchdog president, Jamie Court, echoed this sentiment and said, “Connecting safety-critical systems to the Internet is an inherently dangerous design”.
Cybersecurity is now a priority for many organizations around the world, especially those operating in mature markets.
This is especially pressing because it has been speculated that by 2022, around two-thirds of new cars in the US will be connected cars which could essentially put them at (cyber) risk.
However, a spokesperson for the Alliance of Automobile Manufacturers disagreed and said, “Automakers are taking many protective actions, including designing vehicles from the start with security features and adding cybersecurity measures to new and redesigned models.”
Another report on the subject, which was released earlier this year by the Ponemon Institute, titled ‘Securing the Connected Car: A Study of Automotive Industry Cybersecurity Practices’ found that the automotive industry was not so up to date with their software security systems and that connected cars were not yet ready to take to the streets.
The report anaylzed the results from a survey of 593 automotive industry professionals such as those involved with security, product development and engineering. They found that 63 percent of their respondents from the industry itself said that they test less than 50 percent of their technology (including hardware and software) and that only 10 percent actually possess established teams dedicated to cybersecurity.
Founder of the Ponemon Institute, Larry Ponemon, said in reference to the hacking threat, “It is better and stealthier. The fear is that it could cause massive damage. These things aren’t sci-fi either- they are real issues”.
Jamie Court, President of Consumer Watchdog (the company which issued the aforementioned report), suggested that in order to begin to address the cybersecurity issue, consumer should be allowed “physically disconnect their cars from the internet and other wide-area networks should be a national security priority.
He continued, “If a 9/11-like cyberattack on American cars were to occur, recovery would be difficult because there is currently no way to disconnect our cars quickly and safely. The nation’s transportation infrastructure could be gridlocked for weeks or months. Mandatory ‘kill switched’ would solve that problem”.