The market for self-driving cars is booming. Customers spent $22.22 billion on these autonomous vehicles in 2021 and they will likely spend more in the future.
Unfortunately, they are not without risks. One of the biggest concerns is that they can be targeted by hackers. This used to be a concern that only showed up in science fiction movies, but recent reports show it is a reality.
Self-Driving Cars Are Vulnerable to Hackers
As vehicles become technological devices on wheels, hackers can be very good allies of manufacturers to detect vulnerabilities. The best example is Tesla, which has relied on them on a recurring basis to expose security flaws in software.
But they can also become an enemy of the connected and autonomous car. In this scenario, the US state agency NHTSA has published a manual of good practices to be followed by automakers to prevent hacks.
It has been well known that many cars can be targeted by hackers. Half a million Chrysler cars, Jeep Cherokees, Chrysler 200s and Dodge Rams, can be hacked and remotely controlled through a critical vulnerability in the Uconnect service. The vulnerability has been patched and the automaker recommends immediate system updates. Unfortunately, self-driving cars are even more at risk.
The smart car is an advance the automotive industry is investing heavily in. With technology as a central point, its present and future depends on developments by the major technology companies or by the car companies themselves to provide solutions for communications, information, entertainment and general control of all kinds of parameters.
The most advanced will be the self-driving car. A large part of the automobile industry is working on technologies that will allow cars to circulate without human intervention, although the approval of regulations that will allow them is currently one of the major obstacles to their extension.
And security, as shown in the case of some Chrysler car models, with a zero-day vulnerability discovered by a group of researchers that makes it possible to take control of vehicles via the Internet. The concerns include the following:
- Vulnerability of car sensors. One of the agency’s main concerns is sensor tampering. The report highlights Lidar or radar interference, GPS spoofing or modification of traffic signs and speed limits to fool the system by attacking the software.
- OTA updates. Wireless or ‘Over The Air’ updates are already the norm in the automotive industry, but also a gateway to hackers.
- Accessories and parts. The best practices guide reminds aftermarket manufacturers that while their devices may not appear to be able to affect security systems, they should be designed with such considerations in mind and should also undergo the same type of security verification as the vehicles themselves.
Seemingly harmless devices, such as USB adapters or keys that transfer data or telematics collection devices (such as those used by some insurance companies to reward good drivers), could be used as proxies for other attacks.
Today’s technology allows anyone without much computer knowledge to breach a vehicle’s system by simply changing the code in software updates.
An example of this can be found in the CAN Bus (Controller Area Network) system, which is responsible for sending signals that will control everything from the infotainment system to the brakes and steering, which would be at the mercy of the hacker.
Also with a basic kit purchased on the Internet they can manipulate the remote controls that open and close the cars.