Self-driving cars have a high probability of being hacked and used as weapons, says data and analytics company Picture: SUPPLIED
Self-driving vehicles are vulnerable to cyberattacks, says GlobalData, a data and analytics company, which estimates there may be up to 180,000 bugs in the code operating a level five autonomous vehicle.
Level five autonomous vehicles are fully self-driving vehicles that can handle all driving tasks in all circumstances. These vehicles probably won’t feature human controls and must be able to safely handle any situation they might encounter.
GlobalData’s latest report, “Cybersecurity in Automotive — Thematic Research”, stresses the importance of defending all of the infrastructure upon which connected cars rely, noting that we are entering a “Code War” era, where every digital device — no matter how small — can be weaponised.
“Autonomous vehicle manufacturers may be making sure the physical doors lock, but as it stands, the digital doors are wide open. Over the past decade, hackers have accessed the vehicles of numerous major brands: remotely unlocking doors, collecting sensitive data, and even taking control of vehicles. This just isn’t good enough, and autonomous vehicles won’t be safe enough until these gaps are plugged,” says Emilio Campa, analyst on the Thematic Research team at GlobalData.
Automotive businesses are increasingly talking about cybersecurity in their financial reports, the report says. The number of mentions of “cybersecurity” expanded almost fourfold between 2016 and 2021. However, the number of mentions is relatively small when compared to other major themes in the sector — especially environmental, social, and governance issues.
“Public safety aside, cyber breaches and cyberattacks directly affect the value and integrity of car manufacturers’ brands. New vulnerabilities are also constantly coming to light, and they can be difficult to fix,” said Campa.
Cybersecurity-related regulation is being implemented in different ways around the world. The UN Economic Commission for Europe (UNECE) Regulation 155 comes into force in July, the ISO/SAE 21434 standard has been developed, and countries from the US to China are adopting local regulations and oversight. As a result, auto players must be aware of the regulatory landscape to ensure compliance.
“There is a real requirement for manufacturers to get up to speed on cybersecurity, and to do so quickly. The auto industry will face more cyberattacks as it introduces more connected, digital, and electronic systems to new vehicles and as companies themselves become more digital,” said Campa.