The February 2023 issue of IEEE Spectrum is here!

Close bar

Cars: The Next Victims of Cyberattacks

The computers that make them smart also leave them vulnerable

2 min read
Cars: The Next Victims of Cyberattacks

Every year, automakers endow vehicles with more brainpower. Top of the line models regularly sport dozens of computerized control units. Why all the computer hardware? It has allowed us to turn over parts of the driving task—such as maintaining a safe distance from the car ahead of us, or parallel parking—to the cars.

But the same systems engineered to keep cars from crashing—or at least to make driving less stressful—might soon be co-opted by criminals intent on attacking a single driver or causing widespread havoc. Several research groups have independently demonstrated smart cars’ vulnerability to cyberattacks via the Bluetooth, Wi-Fi, or cellular connections meant as conduits for entertainment, information, and communication. In a September report about the emerging risks in automotive system security, security firm McAfee pointed to an incident where a disgruntled former employee at a Texas car dealership used a remote car deactivation system to simultaneously shut off the engines of 100 vehicles.

Researchers at the University of California at San Diego and the University of Washington say that in their tinkering, they hit upon a cyberattack method by which thieves could cause large groups of cars to report their vehicle identification numbers (from which it is easy to determine the cars’ years, makes, and models) and GPS coordinates. Having learned where the most prized vehicles are parked, the technique would allow criminals to issue another set of commands that remotely bypass the cars’ security systems, unlock their doors, and start their engines. A similar technique, said the researchers, could be used to listen in on a driver’s phone conversations, or worse, to disable one or multiple cars’ brakes as they travel at highway speeds.

Automakers say they have gotten the message. A Chrysler spokesman says the company is seeking the advice of security experts in order to identify its cars’ vulnerabilities. Ford says it is “working to ensure that we’ve developed [cars that are] as resistant to attack as possible.”

The Conversation (0)

Chinese Joint Venture Will Begin Mass-Producing an Autonomous Electric Car

With the Robo-01, Baidu and Chinese carmaker Geely aim for a fully self-driving car

4 min read
A black car sits against a white backdrop decorated with Chinese writing. The car’s doors are open, like a butterfly’s wings. Two charging stations are on the car’s left; two men stand on the right.

The Robo-01 autonomous electric car shows off its butterfly doors at a reveal to the media in Beijing, in June 2022.

Tingshu Wang/Reuters/Alamy
Purple

In October, a startup called Jidu Automotive, backed by Chinese AI giant Baidu and Chinese carmaker Geely, officially released an autonomous electric car, the Robo-01 Lunar Edition. In 2023, the car will go on sale.

At roughly US $55,000, the Robo-01 Lunar Edition is a limited edition, cobranded with China’s Lunar Exploration Project. It has two lidars, a 5-millimeter-wave radars, 12 ultrasonic sensors, and 12 high-definition cameras. It is the first vehicle to offer on-board, AI-assisted voice recognition, with voice response speeds within 700 milliseconds, thanks to the Qualcomm Snapdragon 8295 chip.

Keep Reading ↓Show less