Cybersecurity Concerns about Autonomous Vehicles Spark Consumer Anxiety

New research shows that consumers are increasingly concerned over cybersecurity in vehicles. (Photo: Flickr

Skepticism about self-driving vehicles comes from multiple sources: The newness of the technology, issues with safety and concerns about cost.

Now, new research from the University of Michigan suggests another cause of wariness stemming from consumers’ concern over cybersecurity.

A study released Tuesday by the school showed that, while Americans fret about conventional cars being vulnerable to hackers, they’re even more anxious about digital pirates cracking the code on self-driving vehicles – including those with some driver control.

Researchers conducted an online survey of 519 adults in January and found that threat to personal information was less of an issue than hackers gaining control of vehicles or the central traffic-management system. Women and older respondents were more worried generally about the issue than men and younger participants.

Major concerns left unanswered questions. Could cyber-criminals remotely hijack an autonomous car’s electronics with the intent to cause a crash? Could terrorists commandeer the vehicles as weapons? Could data stored onboard be unlocked?

“As we become more and more engaged with new technology, data privacy across the board has become a serious problem,” said Jack Gillis, director of public affairs for the Consumer Federation of America. “For auto owners, this concern presents a ‘double whammy’: Not only is it possible for vehicle control to be taken over by hackers, but your location, driving patterns and even where you shop can be subject to invasion.”

At the moment, hackers don’t have much financial incentive to infiltrate vehicle technology, said Egil Juliussen, an automotive technology analyst with IHS. Eventually, though cyber-criminals might try to infect cars with so-called ransomware, shutting down the machine until the owner pays to have it restarted, Gillis said.

“Cybersecurity, and keeping ahead of all of these types of bad guys is going to be one of the toughest problems the auto industry will have to face,” he said.

The threat could balloon as interest in automation soars amongst startups and traditional automakers fighting to stay relevant.

Late last month, Mercedes-Benz manufacturer Daimler AG struck a deal to eventually have its self-driving vehicles included in Uber Technologies Inc.’s ride-sharing platform. In a separate deal, Uber now has several self-driving Volvo XC90 SUVs operating in a trial run in Pittsburgh, with backup drivers on board.

MIT-spinoff NuTonomy paired up with Grab – a Southeast-Asian Uber doppleganger – to test its autonomous vehicles with passengers in a specially-designated section of Singapore. NuTonomy said in November that it planned to have its self-driving Renault Zoe electric vehicle tooling around the Seaport section of Boston by the end of 2016.

General Motors Co. hopes to start its own test by mid-year, using Chevrolet Bolts with backup drivers on the Lyft. Inc. ride-sharing network. Ford Motor Co. has announced plans to develop autonomous vehicles for taxi fleets.

Google parent Alphabet Inc. launched a stand-alone unit called Waymo to work on commercializing its driverless technology, which has already traveled more than 2 million miles. The company recently made a pact with Fiat Chrysler Automobiles to include the Alphabet driverless system in 100 Chrysler Pacifica minivans.

Driverless cars usually rely on detailed digital maps, intricate algorithms and a host of sensors to operate without human interference. Proponents say that the technology could help transport people unable to drive themselves, reduce urban congestion, boost vehicle electrification, improve economic productivity and reduce traffic accidents.

But in addition to concerns about cybersecurity, critics worry that autonomous vehicles aren’t sophisticated enough to parse through inconsistent road signs, volatile weather and unpredictable pedestrians and drivers. Fitch Ratings analysts wrote in a December report that driverless cars likely won’t be a majority on the road for at least a decade.

“Although the benefits of self-driving vehicles are great, with the potential to revolutionize transportation, the technological hurdles researchers must cross to achieve fully autonomous vehicles able to go anywhere and anytime will not be reached for years,” the researchers wrote.

Earlier this month, the Governors Highway Safety Association published a report on the issue, finding that only 20 percent of consumers would immediately buy an autonomous car if available. And all-autonomous fleets are at least three decades away, researchers found.

Mass adoption will require more public education, data collection and law enforcement standards, according to the group. But legislators – especially at the state level – should wait to write up laws until a standardized benchmark can be created, researchers concluded.

“Navigating a world with a mix of driver-operated and autonomous commercial vehicles will certainly present a challenge,” said Kara Macek, a spokeswoman for the group. “States need to anticipate how AVs will change the behavior of other drivers. For example, drivers may become frustrated and drive aggressively around automated commercial delivery vehicles that are automatically programmed to obey all traffic laws.”

Federal officials published a set of 15 autonomous vehicle guidelines last year known as the Vehicle Performance Guidance for Automated Vehicles. The suggestions – targeted at vehicle manufacturers – cover issues including cybersecurity.

“Our concern is whether or not government oversight and regulation to insure cybersecurity on a number of fronts can keep up with the rapid roll-out of new technologies and the autonomous vehicle,” Gillis said.

Juliussen said that the autos industry is already on the case.

Firms such as Argus Cyber Security and TowerSec are dedicated to digital protection of vehicles. The Society of Automotive Engineers has a cybersecurity guidebook. Juliussen predicts that, by 2023, 44.6 percent of cars will be sold with firewall cybersecurity, compared to 5.7 percent in 2016.

In 2015, security researchers Charlie Miller and Chris Valasek remotely hacked into a 2014 Jeep Cherokee’s digital systems over the Internet to demonstrate how easily malicious cybercriminals could paralyze a moving vehicle. Chrysler responded by recalling 1.4 million vehicles.

“That really woke everybody up, and now there’s really a tremendous amount of activity on this,” Juliussen said. “Two or three years ago, they were basically ignoring it.”

Related: Sciences Academy Panel Sees Self-driving Trucks on Road in Five Years