Hacking Internet Connected Cars – a near possibility for cybercriminals to cause major havoc.
With the advent of the 21st century, we saw great technological feats arise – thanks to the internet. But something far beyond its initial use-case has emerged in recent years with a phenomenon termed the Internet of Things (IoT).
Everything today ranging from our smartphones to our cars is connected to the internet. By employing this connectivity as a middle point, different devices can be connected to each other enabling information to be transferred seamlessly.
Take the case of Tesla. In 2017 during Hurricane Irma, the company pushed a software update which enabled certain cars of its in the storm’s path to use their car batteries differently in terms of consumption resulting in an extended range of up to 40 miles. Summarily, it made the difference between Tesla drivers getting stuck amidst a wind storm and getting home safely.
However, there’s more beyond the advantages. If there’s one rule that has stood the test of time in cybersecurity, it is that everything can be hacked and IoT devices are no different. In a recently released report from the Georgia Institute of Technology and Multiscale Systems Inc, we can now take a closer look at what it would take for hackers to take down automated vehicles digitally and cause a traffic jam or even worse – car crashes.
The researchers used percolation theory to simulate how many cars hackers would have to randomly hack to lame all of Manhattan, but other cities could be easier to gridlock. Taking Manhattan as an example due to the extensive traffic data available, different percentages of cars hacked at different times were simulated.
“We investigate posthack traffic using agent-based simulations and discover the critical relevance of percolation for probabilistically predicting the outcomes on a multilane road in the immediate aftermath of a vehicle-targeted cyberattack. We develop an analytic percolation-based model to rapidly assess road conditions given the density of disabled vehicles and apply it to study the street network of Manhattan (New York City, New York, USA) revealing the city’s vulnerability to this particular cyber-physical attack,” the report said.
Firstly, it has been discovered that if only 20% of the cars were hacked during a rush hour and caused to halt, the minimum movement would be possible making it difficult to even move across town. If this 20% was during normal day-traffic or 10% during a rush-hour, emergency vehicles would have a hard time finding their way through the traffic.
Even more alarming is the fact that in the future, we expect 100% of cars to be automated using the internet with companies like Google, Tesla, and Uber already investing huge sums. Among such a percentage, even if a small number could be compromised to cause mayhem, this creates an attractive weak point for cybercriminals who may attack citizens in this way with a wide range of motivations ranging from political ambitions to financial ones.
Moreover, in the aforementioned study, the researchers left out the effects of certain realistic conditions like the public panicking, the attack being in a city with a shorter grid or car drivers turning into pedestrians by leaving their vehicles stranded due to network-wide traffic congestion.
“While a comprehensive investigation of city-scale traffic around hacked vehicles is an extremely complicated problem, we find that the statistical physics of percolation can provide an estimate of the number of vehicles that critically disrupt citywide traffic flow. Our upper-bound estimate represents a quantification of citywide traffic disruptions when multiple vehicles are hacked,” researchers warned, physicists at Georgia Tech warned.
Yet, there is time to address these security concerns to mitigate the damage such a hack can cause. What remains to be seen is how well that time is utilized and whether certain measures like limiting the number of cars that could be hacked at the same time in limited proximity could be implemented as suggested by the lead author Skanka Vivek.