How Easy Is It To Hack A Self-Driving Car?

Autonomous Cars: Mobile Computing Technology

Most drivers across America have dreamt about autonomous cars at one point or another.

Whether from The Jetsons or reading about them in Sci-Fi books, Americans have looked forward to the day when technology would do the tedious (and often dangerous) job of driving for us.

However, the one thing many don’t think about when they dream about self-driving cars is that the computer components of these technological marvels are prone to hacking and viruses just like our laptop and home computer. The future is here today as automakers look at other ways to integrate advanced communication technology into modern traffic cones to ensure the safety of drivers and robots alike. 

New Technology And New Threats

Car hacking is a relatively new threat to public safety.

While automobile makers have been in the industry for decades, they are only now entering the market where computer technology is helping to drive and operate cars. Computers have a central role in the convenience and functionality of modern vehicles, including:

  1. Apps that start and unlock doors.
  2. Video cameras to help with backing up and driving detection.
  3. Self-steering capabilities for parallel parking assistance.
  4. Running diagnostic tests remotely.
  5. Checking battery power levels if the car uses electric power.

In a world fascinated with the Internet of Things and consumers willing to adopt the newest technology, our roadways could be the threatened by hackers accessing our vehicles on the road.

This type of threat only becomes more real as cars connect to the Internet and communicate with each other in real time.

Many drivers don’t trust manufacturers with the safety of their car security, and for a good reason.

In recent years we have seen several examples of automobile manufacturers put profit off public safety.

One of the most recent examples of this was when GM stalled to recall faulty ignition switches that kept airbags from inflating. That oversight cost at least 124 people their lives and GM had to recall almost 30 million cars.

As mass adoption for self-driving continues to grow, a combination of market demand and government legislation will be needed to ensure rigorous cyber security standards are enforced. This in combination with large strides in traffic calming technologies, including an advancement for safety cones that could include the integration of RFID technology.

These measures will preserve the integrity of these highly automated systems while also saving lives and reducing incidents on public roads.

Self-Driving Cars Are The New Hacking Frontier

In August 2016, two suspects were arrested in Houston for hijacking 100 Dodge and Jeep cars using a laptop.

Officials were investigating a string of automobile thefts in the area, but could not explain how the crooks were stealing vehicles without damaging the cars or triggering their alarms.

Local police finally got a break in the case when they saw on video recording system that showed the thieves walking up to cars with their laptop, unlocking the doors, and starting the engine for the escape.

This new method of high-tech car theft could be the next wave of threats to the advancement of self-driving autonomous vehicles that are highly dependent on Internet connection and computer electronics.

Along with uncovering a new approach of how car thieves can steal vehicles with little effort, it was also a wake-up call to automobile manufacturers and government officials to work together to propel cyber security forward.

The Problem Is In The Code

Deeper research into the underlying issues that makes hacking a self-driving car a relatively easy task is a technology and programming used in the vehicles.

Many of the systems found in autonomous cars today were implemented quickly, and with a focus on comfort and luxury. Automobile manufacturers did not consider cyber security when they installed most features.

In 2009, a conventional vehicle had 50 electronic control systems to assist drivers with operating the vehicle.

Compare that with today’s models that have over 100, and you can see that there are many more points of access for hackers to compromise a self-driving car.

Not only are there more access points in vehicles today, but the code used in autonomous cars is also not optimized nor is it secure.

The Department of Transportation suggests that a modern luxury vehicle could contain up to 100 million lines of software code.

Compare that with the 6.5 million lines of code in a Boeing 787 Dreamliner, and even a mere 1.7 million lines of code used to operate an F-22 fighter.

This means that modern luxury cars are controlled by bloated code that has no optimization standards.

Messy and bloated code not only puts unnecessary strain on the systems and reduces the effectiveness of the code, but it also creates weak points for cyber attacks that hackers can take advantage of.

The Security and Privacy in Your Car Act of 2015

Concern from the risk of hackers gaining remote access to smart cars through computers and other devices led Senators Ed Markey (D-Mass) and Richard Blumenthal (D-Conn) to introduce the Security and Privacy in Your Car Act (SPY Car Act).

This Act requires automobile manufacturers to standardize IT solutions to ensure the safety and integrity of a smart car’s capabilities and security.

If this bill were to become law, it would instruct U.S. lawmakers the National Highway Traffic Safety Administration and the Federal Trade Commission to work with automobile manufacturers to create measures for the auto industry. 

These “reasonable measures” would include voluntary information gathering and share between vehicles to help companies identify and address potential vulnerabilities and weak points.

Along with shared information, the bill also mandates that critical components of the car like navigation systems and other necessary elements of the vehicle be isolated from other access points in the system. This would create a safeguard against hacking, and the system would help “detect, report and stop hacking in real-time.”

A concern that goes along with cars sharing information is the personal privacy of that data.

This is why the SPY Car Act requires automobile manufacturers, and government agencies work together to develop privacy standards for data collection in vehicles. Automakers need to be transparent in how data is being gathered, transmitted, stored, and used.

Consumers can opt out of their data collection, and when collected personal data from vehicles can not be used for marketing unless the owner opts in for that reason. Both lawmakers and automobile manufacturers hope that a focus on personal privacy will help with the adoption

Another Threat: Ransomware

Hackers are not the only threat to self-driving vehicles and their passengers. Ransomware is also a significant threat to public safety, and this type of malicious hacking has already targeted hospitals and healthcare facilities.

The reason ransomware targets these kinds of organizations is because ransomware is specialized code meant to disrupt real-time information.

Due to the nature of self-driving vehicles and the technology they use to navigate the roadways, ransomware could pose a serious threat to the safety and security of autonomous vehicles.

Ransomware holds information hostage until the victim pays a specific amount of money to the hacker. This kind of threat is not only dangerous to passengers whose car could be taken over, but it could pose a significant threat to automobile makers.

Imagine an entire brand of vehicle threatened to be turned off tomorrow if the hacker is not paid a specific amount of money. That would have a detrimental impact on the economy and stability of that company.

Securing Our Roadways Could Be A Bit Bumpy

As the self-driving car revolution continues to move forward, we will undoubtedly see an increase of hacking. While it is promising to see government agencies, automobile manufacturers, and analysts working together, the security of future cars seems unclear.

Developers are not able to fully isolate the “important” parts of a car because our understanding of this technology is relatively new. Various components of a self-driving car must be connected to enable functionalities that people expect from a car.

However, as automakers continue to understand their software and standardize third-party suppliers, then the security of our roadways will improve!