Question

Identify Information Security threats for “Autonomous vehicles” and how a business could mitigate these?

Answer 1

An autonomous vehicle is a vehicle with ability to steer through the roads and infer traffic signals on its own without the requirement of a driver or any human intervention. However, data or information security threats and privacy issues are a major concern for adoption of these vehicles on a massive scale.

Some of the security threats and privacy issues are outlined below:

• Manipulation of data packets sent over Electronic Control Units (ECUs) and Controller Area Network (CAN) Bus of these vehicles leading to total external control of the internal display system, the braking system and the locks.

• Use of CAN Hacking Tool (CHT) by outsiders to have complete access to the communication system (internal) of the vehicles.

• Use of different attack vectors such as a malicious music file, a modem for long distance diagnostics, digital audio broadcasting station and others so as to have remote vehicular control, position tracking etc.

• Manipulation of vehicle sensors affecting object perception.

• Attack on Vehicular Ad Hoc Networks (VANETs) resulting in congestions, accidents and the like.

A business can counter the preceding risks in following ways:

• Embrace Automotive Cybersecurity Best Practices as laid down by the US automotive industry.
• Adopt safety guidelines issued by National Highway Traffic Safety Administration (NHTSA) from time to time.
• Have proper leadership in the area of cybersecurity.
• Create awareness among the customers and employees regarding cyber attacks through frequent training sessions and webinars .
• Document all types of cyber attacks taking place in the customer’s vehicles.
• Put in proper recovery procedures so that the vehicle comes back to its normal status at the earliest.