Will Autonomous Vehicles Create New Cybersecurity Risks for CT Businesses?

     

CT businesses cybersecurity

Not long ago the concept of viable self-driving cars seemed far-fetched, but the reality is that autonomous vehicles (AV) are here today, and likely to become commonplace within the next few years. While the technology is nearly perfected, there are still roadblocks to adoption, such as data security, which is something that should concern all Connecticut businesses.

Watch the Free Cybersecurity Awareness Training Video

In Reno, the University of Nevada is working on a project to put autonomous buses on the road as early as 2019. In Helsinki, autonomous buses should be hitting the streets this fall. For consumers, the autonomous vehicles may be a little farther away. California is taking the first steps with the Department of Motor Vehicles’ plans to allow companies to test driverless cars on public roads before the end of 2017. General Motors also announced it’s ready to start mass producing the Chevrolet Bolt, a new line of self-driving cars that still have a human behind the wheel, just in case. Data security is expected to be an issue that will crop up with autonomous vehicles, and it’s best to know the risks so you can protect your company ahead of time.

Consider how Connecticut businesses are linked to the automobile. In addition to car dealerships, auto supply stores, and repair shops, there are delivery services, rolling billboards, and businesses such as Uber. Lyft, for example, has just launched an autonomous car division to take advantage of self-driving cars. AV may put some Connecticut entrepreneurs out of business but AV will open new opportunities for others, including new business ideas that haven’t even been considered yet. However, there still is the problem of data security.

The U.S. Senate Commerce, Science, and Transportation Committee is now considering principles for legislating AV that include data security, in addition to safety and innovation concerns. While trying to hammer out who has legislative responsibility (federal versus state), lawmakers are trying to understand the potential impact of AV on data security and driver privacy.

Concerns about Security…

AV data security has been a concern for some time. Whether driverless or not, late-model automobiles have their own self-contained networks, and those systems are becoming increasingly hackable. Car systems are no longer self-contained, but feature wireless links to support GPS, downloadable music, and software updates. It’s already been shown that car functions are hackable. For example, two hackers gleefully demonstrated how to hack a Jeep on the highway, including taking control of the car’s dashboard, audio system, windshield wipers, and even killing the transmission.

There are other AV security concerns based on known vulnerabilities. For the second year in a row, a group of Chinese researchers successfully hacked a Tesla, taking control of the doors, lights, and brakes. This seems similar to the Jeep hacking scenario, but more malicious hackers have successfully used Android malware to actually steal a Tesla. Because newer cars such as the Tesla are using over-the-air updates and smartphone apps for access and system management, they are more vulnerable to Trojans, viruses, and malware.

…and Privacy

Personal privacy presents different concerns. Inevitably, personal data will become part of the car’s network data system, which means it will be vulnerable to hackers and malware.

There are any number of ways that privacy can be compromised with a hacked AV. The most obvious one is location tracking. Hacking into a GPS system gives cyber criminals access to your location, which can be useful for anything from a carjacking to planning a burglary. Conceivably, that same location-based data also could be subpoenaed for legal proceedings as well.

Then there is financial data. With onboard intelligence, the car can store transaction information to automatically manage tolls, parking charges, and other fees. All you need is to register a payment methodology via an app or an online data store to handle transactions. If that data is hacked, then it could cost consumers and credit card companies a bundle in fraudulent charges.

There are other unforeseen possibilities in which data sharing could create a privacy concern. Most legislators seem more concerned with the security technology that will help commercialize AV than they are with privacy. However, some lawmakers are proposing a bill called the SPY Act (Security and Privacy in Your Car), which requires disclosure of how well a vehicle protects privacy via a cyber dashboard. Whatever approach is applied, AV operators need to be concerned with privacy.

What Is the Future of Autonomous Vehicles?

For Connecticut businesses, AV may give their operations a real lift. Some automated transaction capabilities, for example, may make it easier to conduct business, such as paying for car repairs or automating parking systems. AV also will likely mean new business models and more jobs for Connecticut workers. The Constitution State has always been a hotbed of technical innovation and new jobs will likely emerge to support AV.

What the legislative response to AV will be is still an unknown. In the past, the Connecticut legislature has put the burden of privacy protection on Connecticut businesses. It has already passed a law concerning data breach that places responsibility for the protection of customers’ identities in the hands of business owners. If a business suffers a data breach it is required to offer one year of identity theft protection to every customer affected. Connecticut lawmakers may take the same approach with AV, making businesses responsible for privacy in self-driven vehicles.

No one knows exactly what impact autonomous vehicles will have on consumers and business services, but there are certain to be opportunities as well as new regulations. As you start to consider the impact of AV on your business, be sure to consult your security and local networking expert. Managed service providers like NSI are experts in data security, whether it’s on your local area network or a wireless connection such as an AV. We can help you prepare for the future of self-driven vehicles, no matter what that future brings.

ct small business guide

About The Author

President of NSI, Tom has been helping small and medium businesses succeed in Connecticut for over 25 years.