Hacking at high speed: How safe is the automated vehicle?
Automated cars are destined to make our roads safer. But if computers take over driving, will car hacking become the new danger? An expert explains how hackers could infiltrate a vehicle, how the industry should react – and why terrorists do not even pose the biggest threat.
Imagine you are driving 70 miles per hour on the freeway. Then, as if by magic, strange things start to happen. The air condition begins to blast, the windshield wipers turn on and loud music is roaring from the speakers. Still at high speed, your car suddenly shifts into neutral gear – and then the engine is being turned off.
What sounds like a nightmare actually happened to WIRED journalist Andy Greenberg in July 2015. Using a loophole in the car’s infotainment system, the two hackers, Charlie Miller and Chris Valasek, demonstrated to the journalist that it is possible to remotely hack a car moving at high speed (see a video here). With fully automated driving relying on the connectivity of vehicles, the question arises just how immune self-driving cars will be against hacks. To find out, we spoke to Professor Christof Paar of the Horst Görtz Institute for IT security in Bochum, Germany.
Professor Paar, will cars become increasingly vulnerable for cyber-attacks as they get more and more connected?
If you take a 1984 Volkswagen Beetle, there are precisely zero access points for hackers. Automated vehicles will at least become potentially more vulnerable because the number of gateways for hackers grows.
Will the automated car ever be one hundred percent hacking proof?
They will never be one hundred percent secure. But in the field of IT security it always comes down to one question: are there enough incentives for the invader to justify the effort? This fact sometimes gets lost in the public discussion: every car hack is associated with considerable complexity and costs.
Who might be interested in hacking a car – in spite of the efforts?
We can distinguish between two groups of actors: criminals and state-sponsored hackers. Criminals only act if it pays off financially. At the moment experts still wonder what a business model for car hacking could look like. One phenomenon we know from the web is ransomware: malware that restricts access to your computer. The user has to pay ransom to get his data back. If we apply this to cars, it is imaginable that hackers paralyze the electronic system. The difference is, you could just have your vehicle towed to the repair shop where they reset it to factory setting. Problem solved. If your computer’s hard disk is encrypted, there is often not such an easy solution – because you might lose your personal data.
That sounds like good news for customers and car manufacturers alike.
It is still too early to give the all-clear. Sometimes it takes years to develop criminal business ideas. The more applications are installed in the car, the more potential for abuse arises.
How likely is it that terrorists will use car hacking for assaults?
Terrorists lack the resources for complex hacking attacks. We have not seen any hacking assaults by terrorists yet – even though they had been predicted after September 11.
You named a second group of perpetrators. What kind of danger do state-sponsored hackers pose?
They could be the real threat because they have the financial and personal resources. I can imagine scenarios where intelligence services use car hacking for political or industrial espionage.
How might a state-sponsored attack take place?
I can only speculate. But we are already experiencing that on the internet, nation states are less wary of fueling conflicts than in the analog world. If intelligence services succeed in hacking thousands of cars on a nation’s highway system at the same time, they could bring them to a halt on the road and very effectively cripple a sizable part of our transportation infrastructure. At the moment I see this as the biggest possible threat.
What would a worst case scenario look like? Can hackers win total control over a car?
For self-driving cars, the risk is definitely higher. If computers steer the whole vehicle, a complete takeover cannot be ruled out entirely. But this is extremely complex. For the next generations of vehicles, I suspect that hackers could be more successful in switching off parts of the vehicle, like the motor or the accelerator pedal. This is what the Jeep hackers succeeded in doing. Of course this could already cause severe damage.
Which interfaces can hackers use to infiltrate a vehicle?
There are several of them in a connected car. One is the wireless interface that networked vehicles will use to communicate with other cars and the infrastructure. A second interface comes with the infotainment systems that modern cars are equipped with. In theory, they are supposed to be completely isolated from a car’s driving systems. But there are always loopholes. Take for example your car’s airbag system. If it does not work properly, a flashing warning light signals this on your dashboard. A complete separation from airbag electronics and the dashboard is simply not achievable.
How can car manufacturers ensure the best possible security?
That is the pivotal question. In one sentence: they have to do their homework. There is no magical solution but with appropriate effort, OEMs can develop systems that are secure in practice. They have to look at the state of the art in security engineering for the entire system. This includes secure software on all levels, hardware security, secure implementation and much more. On top of that, OEMs have to get used to the idea that they will play a game of cat-and-mouse with the hackers. That means continually identifying weak points and eliminating them.
OEMs increasingly hire external hackers to test and penetrate the security system of a vehicle before it is put on the market. Not long ago, they would have sued hackers instead of encouraging them. Is a rethinking process taking place in the industry?
Tesla already offers a reward to so-called white hat hackers who detect vulnerabilities and report the problem to Tesla. Culturally speaking, this must seem strange to car manufacturers. But sooner or later, there will be no way around it. White hat hacking is no silver bullet but it helps to reach a higher level of security.
In the US, Congress intends to pass a law that is designed to tighten vehicles’ protections against hackers. Is this a problem that policy-makers are able to solve?
The American approach places the responsibility on the manufacturers and imposes fines in cases of misconduct. I do not know if a legislative framework can create more security. But what I support is requiring OEMs to report every car hacking incident. We need full transparency in order to reach system security.
If OEMs do their homework: Will they reach a level of cyber security that the public will accept?
I am optimistic that the risk of cyber-attacks will be tolerable in the end. How high the public acceptance will be is hard to predict. Spectacular hacks causing highway accidents could undermine the public trust. But at the same time, we must also look at the opportunities that networked cars will bring: in the European Union alone, 25 000 people die each year in road accidents. Electronic driver assistance could save many if not most of those lives!
About our expert:
Professor Christof Paar has the Chair for Embedded Security at the Horst Görtz Institute for IT Security at Ruhr University Bochum, Germany. One of his research focus points is IT security in cars. In 2003 he founded ESCAR, the leading international conference for electronic car security.