• News
  • Security
  • Products
  • About Seqrite
Seqrite Blog Blog
  • News
  • Security
  • Products
  • About Seqrite
Home  /  Malware  /  Dealing with cybersecurity threats in the age of autonomous vehicles
Can-autonomous-vehicles-face-malware-attacks-too
06 November 2019

Dealing with cybersecurity threats in the age of autonomous vehicles

Written by Seqrite
Seqrite
Malware
Estimated reading time: 3 minutes

In 2015, security researchers Charlie Miller and Chris Valasek remotely took control of a Jeep Cherokee vehicle as an experiment. By exploiting vulnerabilities in the vehicle’s Internet-connected entertainment and navigation systems, the two researchers activated the windshield wipers, turned on the radio and even turned off the engine in the middle of the highway. It was a frightening experiment which compelled automotive major Fiat Chrysler to recall 1.4 million cars. This remote hijack was also a reminder that as vehicles become more connected and autonomous, their cybersecurity risks will only grow.

The different levels of automation

The Society of Automotive Engineers (SAE), a US-based organization which defines standards in automotives, classifies autonomous vehicles into five different levels, based on the level of autonomy. Fully autonomous vehicles are categorized as Level 5 and are defined as a level of automation where the steering wheel is optional and no human intervention is required whatsoever.

While most automotive experts agree that Level 5 vehicles are still far into the future, the cybersecurity aspects of how these vehicles will operate cannot be ignored. Already, vehicles nowadays have some level of automation, whether it is through cruise control, parking assistance, lane assist or GPS features. Cars are getting increasingly connected to each other over wider networks more than ever before. This dependence will only increase as humanity progresses towards the first fully autonomous vehicle.

Troubling scenarios

Security experts have warned of potentially disastrous repercussions if cybercriminals start taking disadvantage of autonomous vehicles at scale. A few scenarios that have been hypothetically put forward include:

  • Criminals gaining access to autonomous vehicles through backdoors and vulnerabilities in the vehicle’s operating system and remotely controlling them
  • In a fully autonomous world, cars will be connected to each other and also to a wider transport system regulating transportation of an entire city or region. If cybercriminals hack into the transport system, they can bring down entire transport networks, causing extensive damage
  • Data theft is also a lucrative industry for automotive and the advent of autonomous cars would lead to a rise of such vehicles being targeted for data misuse

As research continues on autonomous vehicles, the levels of cybersecurity threats that will be needed to deal with will only become clearer. But cybersecurity experts have already started working on recommendations on the aspects that will need to be kept in mind.

Regulations and standards

To ensure that autonomous vehicles are not caught out by cybersecurity threats, it is imperative that automotive bodies and cybersecurity enterprises start working together to create regulations and standards. Encouragingly enough, some developments are happening in this regard – a new automotive cybersecurity standard, ISO/SAE 21434 is currently under development and could be published as early as 2020. Concurrently, the World Forum for Harmonization of Vehicle Regulations (WP.29) is also working on regulatory proposals for vehicles.

Invest in R&D for securing FOTA updates

Most of the latest automotive models have operating systems providing infotainment and other features. In the near future, autonomous vehicles will run completely on software systems which will receive regular updates, like mobile devices and operating systems. However, it is imperative that automotive companies start investing in research & development to ensure that these Firmware Over The Air (FOTA) updates take place in a secure framework.

Understand the unique security requirements of autonomous vehicles

Autonomous vehicles will need unique security requirements which will differ from the requirements for mobile devices or enterprise security. As an example, autonomous vehicles will require seamless vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) communication. At the same time, these communications need to be encrypted to prevent unauthorized access which will necessitate ultra-fast cryptography solutions.

Cybersecurity as part of the entire manufacturing process

Automotive manufacturing is an extended process with many suppliers working on different aspects of the vehicle. When it comes to the manufacture of autonomous vehicles, cybersecurity will need to be an integral part of the entire manufacturing process. All aspects of the supply chain must be on the same page to ensure that the final product is safe and secure.

Whether it’s Google, Ford, Mercedes-Benz or Uber, the world’s biggest technology companies have stated serious research and testing on autonomous vehicles. While the era of the fully autonomous car may still be a while away, it is important that cybersecurity remains a core component of this research to ensure that the end-user gets the most secure experience.

Get in touch if you would like for us to assess the cybersecurity posture of your business.

 Previous PostHackers bypass UTM user credentials with simple Shell Scripts
Next Post  The cybersecurity threats drones face and how to mitigate them
Seqrite
About Seqrite

Follow us for the latest updates and insights related to security for enterprise networks. Subscribe to our newsletter to stay...

Articles by Seqrite »

Related Posts

  • Malware-as-a-service: Cybercrime’s nine-to-five

    Anyone, even you, can carry out cyberattacks with the Malware-as-a-Service model

    October 30, 2020
  • Masslogger’s malice imposes spying and keylogging in businesses.

    MassLogger: An Emerging Spyware and Keylogger

    July 31, 2020
  • Snake ransomware stings to spread its venom in the veins of enterprise networks.

    Snake Ransomware brings impending doom to enterprise networks

    July 10, 2020

No Comments

Leave a Reply.Your email address will not be published.

Cancel reply

CAPTCHA Image
Refresh Image

Popular Posts

  • Are we prepared against risks generating from the IoT revolution? Are we prepared against risks generating from the IoT revolution? January 15, 2021
  • The Data breach inferno burning big-ticket businesses The Data breach inferno burning big-ticket businesses February 5, 2021
  • Pharma Sector needs to streamline its insides to avoid cyberattacks Pharma Sector needs to streamline its insides to avoid cyberattacks February 12, 2021

Featured Authors

  • Seqrite
    Seqrite

    Follow us for the latest updates and insights related to security for...

    Read more..
  • Viraj Talikotkar
    Viraj Talikotkar

    Viraj is a Lead Technical Writer at Quick Heal Technologies. He is always on...

    Read more..
  • Sanjay Katkar
    Sanjay Katkar

    Sanjay Katkar is the Joint Managing Director and Chief Technology Officer of...

    Read more..

Latest Posts

  • Businesses now worried about the surge in COVID-19 infodemic

    Businesses now worried about the surge in COVID-19 infodemic

    February 26, 2021
  • Turn the Page: Cybersecurity Predictions for 2021 & beyond

    Turn the Page: Cybersecurity Predictions for 2021 & beyond

    February 18, 2021
  • Pharma Sector needs to streamline its insides to avoid cyberattacks

    Pharma Sector needs to streamline its insides to avoid cyberattacks

    February 12, 2021

Stay Updated!

Topics

Antivirus For Linux (10) apt (9) BYOD (9) COVID-19 (10) Cyber-attack (31) cyber-attacks (56) cyberattacks (12) Cybersecurity (279) cyber security (25) Cyber threat (29) cyber threats (44) Data (11) data breach (50) data breaches (27) data loss (28) data loss prevention (33) data protection (21) data security (13) DLP (49) Encryption (16) endpoint security (102) Enterprise security (14) EPS (9) Exploit (12) firewall (11) hackers (9) IoT (10) malware (58) malware attack (22) malware attacks (12) MDM (25) mobile device management (9) Network security (18) Patch Management (12) phishing (16) Ransomware (56) ransomware attack (29) ransomware attacks (30) ransomware protection (12) Seqrite (24) Seqrite Encryption (27) Seqrite EPS (33) Seqrite Services (16) UTM (34) Vulnerability (10)

Products

  • Endpoint Security (EPS)
  • Seqrite Encryption Manager
  • Seqrite Endpoint Security Cloud
  • Cloud Security
  • Seqrite mSuite
  • Seqrite MobiSMART
  • Unified Threat Management
  • Seqrite Secure Web Gateway
  • Antivirus for Server
  • Antivirus for Linux

Resources

  • White Papers
  • Datasheets
  • Threat Reports
  • Manuals
  • Case Studies

About Us

  • Company Overview
  • Leadership
  • Why choose SEQRITE?
  • Awards & Certifications
  • Newsroom

Archives

  • By Date
  • By Category

© 2020 Quick Heal Technologies Ltd. (Formerly Known as Quick Heal Technologies Pvt. Ltd.) Cookie Policies Privacy Policies

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website.
By browsing this website, you agree to our cookie policy.