Not exactly a classic cloud security issue but Wil Rockall, director in KPMG’s cyber security team, has spotted a fascinating side issue to the recent announcements by Google that it plans to produce its own fleet of driverless cars. He calls it the creation of the `spam jam’
The potential for spam jams to happen is, in all likelihood, some time away. This is because it will be a while before Google gets far enough along its roadmap for this project to start licencing car manufacturers to exploit its technology. For now, its proposed fleet will be trundling around California’s Silicon Valley at a stately 25mph and under the company’s close scrutiny.
Even so, they must certainly represent a tempting target for hackers to try and break into the management systems and take control of a vehicle or two. Much more tempting, however, will be the potential to break in and cause havoc – and not inconsiderable danger – for all and sundry if and when these vehicles become mainstream forms of transport.
That is the potential for the spam jams Rockall foresees. He predicts that the move could herald improvements in road safety – it could eradicate drink-driving accidents overnight and benefit the country pub trade immeasurably. But he also warns that the potential for hacker-driven congestion might affect consumers’ driving experiences.
“There is no doubt that self-drive cars are going to become a reality,” Rockall said. “The technology is already available and, with test drives showing early signs of success, an unstoppable journey has started on what will become a well-travelled road.
“There is an almost perfect combination of good reasons for self-drive technology. Top of the list is safety because humans are unreliable, easily distracted and have vastly slower reaction times than software. With a computer brain at the wheel, driving will also be more efficient meaning that environmental and economic benefits will quickly be noticed.
“For all the positives, the industry will need to be very alert to the risk of cyber manipulation and attack. Self-drive cars will probably work through internet connectivity and, just as large volumes of electronic traffic can be routed to overwhelm websites, the opportunity for self-drive traffic being routed to create ‘spam jams’ or disruption is a very real prospect. Yet the industry takes safety and security incredibly seriously. Doubtless, overrides could be built in so that drivers could shut down many of the car’s capabilities if hacked. That way, humans will still be able to ensure their cars don’t route them on the road to nowhere.”
The cars will almost certainly need to communicate via ubiquitous WiFi using cloud architected information and feedback. That will become an obvious target for the hackers, especially in terms of manipulating location information. The potential for causing chaos could be significant.
Undoubtedly Google will already be working on such issues and possible defences, but it will almost certainly be a major security battleground for the future.