Recent news that connected car hacks could paralyze entire cities shouldn’t come as a surprise, but it should be a wake-up call, alerting us to the possibilities of attacks on our transportation systems.
Research reported in Science Daily revealed simulations in which mass attacks on connected cars would send an entire city into gridlock. An attacker could achieve this by stalling as few as one in five cars during rush hour, the research said.
Bringing only one in 10 cars to a halt would be enough to cause serious, life-threatening problems, the research added. With that many cars paralyzed, emergency vehicles wouldn’t be able to pass.
This is one example of a hack on transportation that could have widespread infrastructural consequences, especially if used as part of a broader assault on multiple critical infrastructure systems. However, it isn't the only concern. We've seen several warnings about the potential for attacks on other modes of transportation.
The US Coast Guard has issued two warnings this year about malware attacks on marine vessels. In an event this February, a large craft suffered a "significant cyber incident" when travelling between the Port of New York and New Jersey.
Some attacks don't use on-board malware at all. Instead, they used GPS spoofing to full a vehicle or boat into assuming it's a different position. We recently saw researchers demonstrate an attack on GPS systems used by automotive manufacturer Tesla that could be used to misdirect traffic for hundreds of meters around. Tesla's multiple on-board systems make this unlikely to cause accidents by crashing Teslas, but it could be used to snarl up traffic by having automated systems take wrong turns and clog up the roads.
It's time to take this a lot more seriously. One compromised vehicle could be disastrous enough for its occupants and those nearby, but a herd of them would be catastrophic.
