Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyber Insurance

Self-Driving Cars Vulnerable to Cyberattack, Experts Warn

Hackers pose a real danger to self-driving vehicles, US experts are warning, and carmakers and insurers are starting to factor in the risk.

Hackers pose a real danger to self-driving vehicles, US experts are warning, and carmakers and insurers are starting to factor in the risk.

Expected on the road by 2020 or even sooner, driverless cars should have a wide range of cutting-edge technologies such as electronic sensors — a group of cameras, radar, sonar and LiDAR (light detection and ranging) — commanded remotely using software that senses road widths, identifies signs and even roadblocks.

But like connected vehicles and their onboard multimedia systems, these new self-driving technology elements — which were meant to make the cars safe and reliable, could end up leaving them vulnerable to hacker strikes, according to US security firms Mission Secure Inc (MSi) and Perrone Robotics Inc.

Hacking Self Driving CarsA hacker recently boasted of having entered the electronic systems of the US jet he was traveling on, and of having changed its trajectory. He claimed he did so using the in-flight Wi-Fi system.

The two security companies, working with the University of Virginia and the Pentagon, have run tests that have shown they believe it is possible to hack into and disrupt the multi-sensor system.

One trial was to change how the car responded when it encountered an obstacle.

“One attack scenario forces the car to accelerate, rather than brake, even though the obstacle avoidance system (using LiDAR) detects an object in front of the car. Rather than slowing down, the car hits the object … at high speed, causing damage to the car and potential threat to the life and safety of the passengers in the car under attack and in the car being struck,” according to the report available on MSi’s website.

“If an attack were carried out successfully, automobile manufacturers have no means of quickly gathering information for forensic analysis or to rapidly deploy additional protections to cars in response to new and evolving attacks,” the report warns.

According to these experts, hackers penetrate the system through wireless connections.

Advertisement. Scroll to continue reading.

MSi and Perrone Robotics, which are working on a system to counter cyber attacks, believe the situation poses “significant challenges and risks for the automotive industry, as well as to public safety.”

Insurance premium reviews?

Most of the carmakers gearing up their own autonomous car projects did not reply to update requests from AFP.

But sources close to the industry say the chance of the system being hacked has been factored in throughout the manufacturing process.

Internet giant Google, for example, is believed to have a team of top programmers tasked with trying to hack into the software in their own self-driving prototype car, which is expected to get on-road testing within the next few months. Google declined to comment for this story.

US insurers are concerned about safety, and whether the new technologies can cut the risk of accidents happening. This could force them to rethink their contracts and to recalculate premiums.

At first, premiums could rise because the price of self-driving cars will be high due to the cost of embedded technologies and repairs, insurer Nationwide told AFP.

But this could be partially offset by the wider use of vehicles decked out with accident-preventing technologies.

For State Farm, another US insurer, the big picture is what counts.

“As connected and automated vehicle technology reduces or eliminates some risks that drivers face today, new risks are likely to emerge. We are focused on the big picture — how can we adapt to these changes and continue to deliver value to our customers,” the company said in an email to AFP.

According to a source with a major US insurer, who requested anonymity, one of the key related issues down the road will be establishing boundaries, and responsibilities based on what carmakers say the car can or cannot do autonomously.

Google last month announced its self-driving prototype cars were ready to leave the test track and hit public roads in California, in a big step forward for its autonomous automobile program.

Related Reading: FBI Says Researcher Admitted Hacking Airplane in Mid-Flight

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Vulnerabilities

Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

Vulnerabilities

A researcher at IOActive discovered that home security systems from SimpliSafe are plagued by a vulnerability that allows tech savvy burglars to remotely disable...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Cyber Insurance

Cyberinsurance and protection firm Boxx Insurance raises $14.4 million in a Series B funding round led by Zurich Insurance.

Vulnerabilities

Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.