Can You Hack My New Car?
- Automated Cars and Cybersecurity Threats
- Vehicle Connectivity
- Regulations and Unified Parts
- Final Words
Does a connected or self-driving vehicle offer viable anti-hacking protections?
Belgian researchers were able to crack the encryption of a Tesla vehicle for the second consecutive year and drive it without even touching the owner’s car keys. It raised pressing questions about the security of self-driving, connected cars.
Lennert Wouters, a researcher at Belgian university KU Leuven, told “Wired” that he and his team managed to steal the Tesla Model S by cloning the car’s key fob encryption in a few seconds. He added that they used standard radio equipment to execute the hacking attack.
Thus, anyone with average technical skills and basic radio tools can steal a keyless car. Most emerging models of self-driving and connected vehicles use a no-key technology to help you unlock and drive your automobile.
Last time, Tesla was forced to replace the hardware to solve the problem, which is the worst scenario for owners. While now, the company needs to update and patch the software responsible for securing your connected car.
But the problem with unauthorized access to a self-driving vehicle extends beyond car theft. A stolen autonomous vehicle can cause a lot of harm, and the attacker doesn’t have to be anywhere near it.
Consumers Underestimate Cybersecurity of Cars
A World Economic Forum survey revealed that 23% of consumers are reluctant to use self-driving vehicles because they worry about hacking attempts. While 50% don’t purchase autonomous cars because they wouldn’t feel safe inside them.
This study shows that people still don’t fully understand what self-driving and connected vehicles are or the challenges that arise from them.
For example, the hacking of a smart car enables the hacker to use it for whatever purpose he may have in mind. And he doesn’t even have to be anywhere near it to steal it. He can hack into the system from miles away and program the vehicle to self-drive off into the sunset.
And stealing a car is not the worst-case scenario. Just imagine what can happen if someone takes control of the vehicles while you are driving on a highway. The attacker can use them to reak havoc, cause accidents, or even execute terrorist attacks.
How Connected Should a Car Be?
Today’s connected cars are well prone to hacking, even those without self-driving capabilities. That proves that any online system is hackable regardless of the cybersecurity protocols in place. And our vehicles are no exception.
Connected and highly automated vehicles are subject to cyberattacks. Hackers can penetrate your car’s computer through a vulnerability in a cloud-based audio streaming service, for example. As a result, they’ll take control over your steering wheel or braking system, which are both operated by the same built-in computer.
Therefore, one must question the level of connectivity and automation that cars should have.
The only way to reach total cybersecurity protection is if our cars don’t have Internet access. It is technically possible to make a non-connected, self-driving vehicle. However, it seems that none of the leading researchers in this domain are taking this path.
Hence, we need to find the right balance between connectivity and security. But that is hard to achieve since the latest generation of vehicles tends to connect to an increasing number of online systems.
Standardization, Regulation, and Open Standards
The self-driving vehicle sector needs to have proper regulation to deliver safe and secure automobiles. Being safe on the road is not the same thing as having a secure car, especially when it comes to cybersecurity.
Another problem with autonomous vehicles is they do not use standard components for digital parts and software. Companies such as Waymo, Tesla, Uber, Apple, and Amazon, as well as traditional carmakers, are all developing their own systems for most of the time.
That could be a double-edged sword, as non-standard digital components tend to cause problems more than often.
It is especially alarming in the case of Internet of Things (IoT) networks, which connect hundreds and thousands of devices. That turns your car into a mobile IoT device, where any weakness in the system could be a potential threat for your safety.
That’s because the attacker can take over your smart vehicle by hacking into any program. In other words, cybercriminals will be able to select which route to take, disable the breaks, control driving speed, and other things that could endanger your wellbeing.
Are Car Hacks Possible? – Parting Words
There is no question whether the vehicle of the future will be a connected one or not. A certain level of autonomy will also define any vehicle’s behavior in the years to come. The global autonomous vehicles market is expected to reach $54 billion in 2019 and grow ten-fold within five years.
That means it will hit $556 billion, or half a trillion dollars, by 2026.
Such a market opportunity is both a blessing and a curse, as car manufacturers race to release fully-functioning self-driving cars as soon as possible. Unfortunately, that leaves room for error, especially in the cybersecurity department, which may cause severe troubles in the future.
The same technology that creates autonomous vehicles also determines who can access every self-driving vehicle. And if someone hacks into the system, they can take total control of the car. It is a feature that can be controlled and operated centrally as well.
But if we want to avoid living in an actual Orwellian society, manufacturers should solve the cybersecurity problems during the design stage, before these vehicles hit the roads.
Would you consider using a self-driving vehicle? Tell us your answer in the comment section below.