Self-driving cars highly vulnerable to cyber attacks


by CBR Staff Writer| 29 January 2014

Diagnostics port provides easy access for hackers.

Self-driving cars would turn out to be tempting targets for hackers after they are rolled out, as they are reportedly highly vulnerable to hacking attacks, a top security executive warns.

According to Verizon's enterprise subsidiary global security solutions vice president Eddie Schwartz, there would be an exponential rise in number of targets during the first half of 21st century, while the existing cyber-security industry is still 40 years from maturity.

"All of the major automobile manufacturers are working on self-driving cars," Schwartz told the Guardian.

"For cars to be able to self-drive, they have to be able to negotiate with each other," he added.

"You can't negotiate something like that without having some security principles behind it.

"So cars have to do basic things that we do with each other, like recognise each other - authentication.

Schwartz added there are a several primary security issues in applications developed by car industry intended for machine-to-machine communications.

"OK, I authenticate to you, that means there has to be an underlying artefact, a certificate or something like it that says 'you're an authorised car, and I'm an authorised car, therefore we can exchange this information really fast," Schwartz continued.

However, researchers, in August 2013, used self-driving cars, including Ford SUV and Toyota Prius, to demonstrate their vulnerability against cyber attacks and were able to put on the brakes, jerk the steering wheel, or accelerate the car via a laptop by plugging into the diagnostics port.

Another team of researchers were also able to pierce similar systems via bluetooth, mobile data and in addition to a malicious audio file burned onto a CD played in the vehicle's media player.

"These are going to be embedded solutions," Schwartz added.

"It's going to be wireless communications or NFC.

"These are machine-to-machine communications, and for critical care, they are going to have telemetry going on 24/7.

"There's an underlying security and privacy issue: imagine ransom-ware in that world."

Post a comment

Comments may be moderated for spam, obscenities or defamation.

Join our network

716 people like this.
1535 people follow this.

Networking Intelligence

Buy the latest industry research online today!
See more

Suppliers Directory

Privcy Policy

We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.