Connect with us

Hi, what are you looking for?


Cyber Insurance

Self-Driving Cars Vulnerable to Cyberattack, Experts Warn

Hackers pose a real danger to self-driving vehicles, US experts are warning, and carmakers and insurers are starting to factor in the risk.

Hackers pose a real danger to self-driving vehicles, US experts are warning, and carmakers and insurers are starting to factor in the risk.

Expected on the road by 2020 or even sooner, driverless cars should have a wide range of cutting-edge technologies such as electronic sensors — a group of cameras, radar, sonar and LiDAR (light detection and ranging) — commanded remotely using software that senses road widths, identifies signs and even roadblocks.

But like connected vehicles and their onboard multimedia systems, these new self-driving technology elements — which were meant to make the cars safe and reliable, could end up leaving them vulnerable to hacker strikes, according to US security firms Mission Secure Inc (MSi) and Perrone Robotics Inc.

Hacking Self Driving CarsA hacker recently boasted of having entered the electronic systems of the US jet he was traveling on, and of having changed its trajectory. He claimed he did so using the in-flight Wi-Fi system.

The two security companies, working with the University of Virginia and the Pentagon, have run tests that have shown they believe it is possible to hack into and disrupt the multi-sensor system.

One trial was to change how the car responded when it encountered an obstacle.

“One attack scenario forces the car to accelerate, rather than brake, even though the obstacle avoidance system (using LiDAR) detects an object in front of the car. Rather than slowing down, the car hits the object … at high speed, causing damage to the car and potential threat to the life and safety of the passengers in the car under attack and in the car being struck,” according to the report available on MSi’s website.

“If an attack were carried out successfully, automobile manufacturers have no means of quickly gathering information for forensic analysis or to rapidly deploy additional protections to cars in response to new and evolving attacks,” the report warns.

Advertisement. Scroll to continue reading.

According to these experts, hackers penetrate the system through wireless connections.

MSi and Perrone Robotics, which are working on a system to counter cyber attacks, believe the situation poses “significant challenges and risks for the automotive industry, as well as to public safety.”

Insurance premium reviews?

Most of the carmakers gearing up their own autonomous car projects did not reply to update requests from AFP.

But sources close to the industry say the chance of the system being hacked has been factored in throughout the manufacturing process.

Internet giant Google, for example, is believed to have a team of top programmers tasked with trying to hack into the software in their own self-driving prototype car, which is expected to get on-road testing within the next few months. Google declined to comment for this story.

US insurers are concerned about safety, and whether the new technologies can cut the risk of accidents happening. This could force them to rethink their contracts and to recalculate premiums.

At first, premiums could rise because the price of self-driving cars will be high due to the cost of embedded technologies and repairs, insurer Nationwide told AFP.

But this could be partially offset by the wider use of vehicles decked out with accident-preventing technologies.

For State Farm, another US insurer, the big picture is what counts.

“As connected and automated vehicle technology reduces or eliminates some risks that drivers face today, new risks are likely to emerge. We are focused on the big picture — how can we adapt to these changes and continue to deliver value to our customers,” the company said in an email to AFP.

According to a source with a major US insurer, who requested anonymity, one of the key related issues down the road will be establishing boundaries, and responsibilities based on what carmakers say the car can or cannot do autonomously.

Google last month announced its self-driving prototype cars were ready to leave the test track and hit public roads in California, in a big step forward for its autonomous automobile program.

Related Reading: FBI Says Researcher Admitted Hacking Airplane in Mid-Flight

Written By

AFP 2023

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content


Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...


The latest Chrome update brings patches for eight vulnerabilities, including seven reported by external researchers.


Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.


Apple has released updates for macOS, iOS and Safari and they all include a WebKit patch for a zero-day vulnerability tracked as CVE-2023-23529.

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

IoT Security

A vulnerability affecting Dahua cameras and video recorders can be exploited by threat actors to modify a device’s system time.