There are some important cybersecurity points to keep in mind when considering the development of self-driving cars, writes Lorenzo Grillo.
The UK’s new Autonomous Vehicle (AV) Bill aims to establish the most comprehensive legal framework of its kind in the world for autonomous vehicle technology. The legislation, announced during the King’s Speech on 8 November 2023, aims to position the UK as a world leader in this new £42 billion (US$53 billion) industry.
The idea is that AVs can help reduce deaths and injuries from drunk driving, speeding, and driver fatigue. Vehicles designed for use must meet or exceed strict new safety requirements set by law. The associated safety framework ensures clear user responsibilities and sets safety standards for legal autonomous driving. This bill aims to introduce an in-use regulatory scheme to monitor the ongoing safety of these vehicles.
However, there are some important cybersecurity considerations to keep in mind when considering the development of self-driving cars.
New technology brings new risks
The automotive industry has a rich history of incorporating innovation and new technology in everything from engine management to in-car entertainment. Manufacturers are always keen to incorporate cutting-edge technology into their vehicles to ensure they outperform their competitors’ vehicles. However, this technology increases the area of vulnerability.
Cybercriminals are adept at leveraging and adapting their skills to take advantage of new developments. For example, when electronic car keys were first developed in the 2000s, criminals used scanning technology and simple, low-cost smartphone emitters to overcome built-in security measures and gain access to vehicles. They quickly developed ways to steal things. The industry is likely to see similar patterns of behavior from criminals attempting to illegally access self-driving cars.
The concept of connected cars has also been debated in the industry for a long time, and industry giants have long recognized the potential security implications. There are several concerns starting from the car production line itself to the customer’s daily use. The use of 5G sensors is expected to increase dramatically, and the associated data transmission between vehicles and road infrastructure will exponentially increase, creating a potential cyber attack surface and opportunity for criminals and malicious actors. will also increase.
Risks for automakers
During the production of self-driving cars, securing the core safety system infrastructure and code is a primary concern. Many high-profile ransomware attacks are designed to leverage industrial control systems (ICS) and operational technology (OT) as a method of accessing sensitive systems. Manufacturers must be aware of the ability of malicious attackers to leverage production systems to access and inject code into software systems during assembly and manufacturing.
This attack vector has been observed in the past, with routers manufactured by hostile nations being embedded with deliberate software “backdoors” for possible future use. The highly networked vehicle production operating model adopted by most manufacturers means that many components of the vehicle are manufactured by specialized manufacturers further down the supply chain, making this area even more vulnerable and Adds an opportunity to insert a “sleeper” code that will only be activated if The components are turned on after the completed vehicle is powered up.
![A.V.](https://media.automotiveworld.com/app/uploads/2024/01/29131957/Self-driving-1024x527.jpg)
More cybersecurity threats
Another major area of concern is the cyber risks associated with software and software updates. Attacking a central OEM or large dealer creates an opportunity for malicious software to be injected during updates or standard vehicle maintenance where the system is connected to a scanning system to check the health of the vehicle. Masu. This vulnerability exists both in the hardware used to scan the vehicle condition itself and during its production.
This provides attackers with multiple opportunities to inject and procure malicious software into vehicles centrally, or to infect large numbers of vehicles over an extended period of time. This can be done to disable safety sensors and damage the vehicle, affect steering or navigation, or cause mechanical problems. This creates a significant ransomware threat used by criminal organizations.
A further cybersecurity threat to consider is the opportunity for malicious attackers to infect road management systems and infrastructure. AVs rely on a large amount of input from external sensors to operate safely. The ability to tamper with signals from these critical external systems presents both criminals and nation-states with an opportunity to cause significant problems, but the effects may not be immediately obvious.
One of the most significant concerns at scale is that threat actors can simultaneously affect safety protocols for numerous vehicles, such as vehicle speed, navigation, and road usage announcements. This provides the opportunity to alter traffic updates to cause congestion, cause accidents (or mass accidents), or disable vehicle steering or engine management at critical moments. Even short periods of malicious control can have serious consequences.
Cyber espionage is also a serious threat that needs to be considered. State actors have traditionally tracked vehicles of interest or eavesdropped on vehicles that may be carrying people of interest to determine their movements and to identify people within such vehicles. They have adopted technologies that allow them to access ongoing discussions. Previously, those with hostile intent would have needed physical access to these vehicles to install equipment to do this, but now all the necessary hardware is available in most are now available as standard equipment (tracking devices, communication antennas, microphones) on vehicles. This allows attackers to access the desired vehicle from anywhere in the world.
Malicious control, even for a short period of time, can have serious consequences
The vehicles themselves also represent individual threat areas. When drivers connect their phones to in-car entertainment systems, threat actors have another way to place malicious code on them or access information they have through pairing with the in-car system. There is a gender.
The ability of criminals to steal self-driving cars may also increase. Vehicles designed to perform software updates in the event of static electricity remain online even when powered off, allowing individuals to access the system even when it is clearly dormant. Masu. This allows criminals to steal vehicles from parking lots, roads, and driveways without the need to be present. As with most car thefts these days, in the hands of criminals all sensors can be disabled and the vehicle stripped and sold as individual component parts.
There are other future concerns worth discussing. The rise of artificial intelligence (AI) and its potential use by malicious attackers to target critical systems or groups of systems connected to AVs complicates the situation. The data-heavy nature of these vehicles and their reliance on external sensors/systems to function make them vulnerable to external attacks and targets in the form of ransomware. This is a threat vector that will continue to unfold and evolve over the next few years as autonomous systems begin to be deployed. Detecting and mitigating attacks as quickly and efficiently as possible is a key challenge for autonomous vehicle manufacturers.
About the author: Lorenzo Grillo is Managing Director of Alvarez & Marsal Dispute Investigations and leader of the firm’s Europe and Middle East Global Cyber Risk Services.