Cybersecurity issues with Self Driving Cars
Self-driving cars or vehicles with autopilot modes are revolutionary, but they don’t come without their risks. People have established a number of ways in which self-driving cars can be targeted.
Self-driving cars have to be connected to the outside world, through GPS and real-time alert systems for example. This means that there are constant connections to other devices and networks and spyware, ransomware or other forms of malware can be added to the car’s on board computer. For example, a trojan bug on a USB stick could easily update the firmware and cause a virus.
In one example, Uber researchers were able to take over the entire braking system on a vehicle. This shows just how vulnerable they can be and how reliant they can be on technology.
What Are the Risks?
There are multiple risks attached. A targeted attack could mean that the systems of a vehicle are compromised.
It’s more likely that a hacker will be trying to compromise these systems to make a profit. This is almost always the case. Things like ransomware can lock your vehicle and prevent you from using some of the features until you provide a payment. In some cases, hackers may also look to cause disruption such as traffic jams and seek payment from authorities.
Lots of the security functions could also be disabled, your car may be hit or get in an accident and you might not know about it. Plus, you could be responsible.
The major concerns regarding cybersecurity for vehicles is the fact that the tech is constantly evolving, and there are often security breaches.
In a famous “White Hat” hacking event, Amat Cama and Richard Zhu, managed to hack into the “infotainment” system of a Tesla to get control over the computer.
Companies are constantly monitoring and making changes to their vehicles in order to tackle potential security issues. Firmware and software updates are one of the ways that these security back doors can be found and blocked out.
Governments are trying to keep people safe by introducing some laws and regulations in order to help people stay secure. For instance, it isn’t necessarily legal to completely let a car drive itself. Instead, you may need to have one hand on the steering wheel at all times. This means that you can take over from the autonomous systems if you need to, or if they get compromised somehow.
Companies also know that the security flaws they show can be a big issue, and they don’t want to face legal repercussions, for instance.
Infineon and Argus who work to create integrated self-driving platforms are making an integrated security system. It can provide intrusion detection on a cloud-based platform. This means that there are fewer connections to potentially cause a security risk, but also that potential threats can be found. Additionally, companies are looking into methods of encryption. Being able to encrypt and decrypt data that is sent can be quite heavy on processor power and demanding for the computer’s capacity, but it is a way to retain security
What Can You Do to Prevent Hacking?
This shouldn’t be enough to put you off trusting a car to completely self-drive. The technology is growing quickly. However, there are some things that you should always do to keep yourself protected and prevent the chance of getting hacked.
- Keep any passwords for accessing systems within the car or WiFi secure. Change them regularly to ensure that people can’t easily connect to your vehicle.
- Keep your systems updated. Software and firmware updates are one of the ways manufacturers can quickly and often simply patch the errors and security issues that crop up in their vehicle.
- Check for recall notices. If there is a serious issue with a computer on a car they will need to recall the vehicle to make changes. This is frustrating, but it should be done at no cost to you and it can make your vehicle much more safe to use.
- Limit any connections to external devices. A lot of cars now have the option to connect to numerous phones and devices, but each one could be a potential security threat. Only allow devices you trust and have control over to connect. Your friend’s virus-ridden phone could be a huge security risk.
- Don’t use the browser on your device. Some cars have browsing options inbuilt. You can use it to connect to the internet, but this is where a lot of malware lurks. If you are concerned, don’t use the browser at all.
- Only download verified apps you know you can trust. Similarly, many app stores are full of “apps” claiming to be helpful but actually designed as a way to compromise your security systems. Only download from trusted developers and verify the apps before you put them on the system.
- If you’re worried, don’t put your home address into your car’s GPS. Some people are concerned that this can give hackers an option to target you. It is not usually something to worry about, but if you are taking extra precautions this might be a good idea.
Article by David Lukić, information privacy, security and compliance consultant at IDstrong.com.