Credits: ABC NEWS
It might be hard to imagine an highway full of self-driving cars, but before we know it, the entire traffic system will be interconnected.
We’re living in the dawn of autonomous vehicles, Bill Malkes, CEO and co-founder of Gridsmart Technologies, Inc., said.
California recently approved permits for self-driving cars to be tested on public roads without a human inside. A total of 263 permits for autonomous vehicles and drivers approved to monitor them are held by five companies – Apple, General Motors’ Cruise Automotive, Waymo, Tesla and Drive.ai – in California and Dallas, USA Today reported May 15.
Gridsmart, a Knoxville-based traffic technology company, installs its technology at intersections to gather traffic flow pattern data and provide safety solutions. The intersection at Kingston Pike and Northshore is Gridsmart controlled. Forty-five thousand vehicles travel through it each day.
That’s potentially 45,000 points of entry for traffic system hackers, Malkes said. Gridsmart is working to get ahead of hackers with the addition of its Information Security and Threat Intelligence department, known as IFTI.
A whole new world for hackers
The IFTI department is led by Tony Rucci with three other employees, and acts as a cyber security resource for traffic IT staffs across the country.
The department is a million dollar investment going into its first year, Malkes said.
“No one else is doing this in traffic and infrastructure,” he said.
Conversation between IT and traffic professionals traditionally has not been necessary, Rucci said. Now it’s more than necessary.
“In the traffic space, they’re driven by lower budgets,” Rucci said. “They’re hiding in plain sight if you will. There really hasn’t been a lot of smart technology embedded into those (systems) over the years, but that isn’t the case anymore. With smart vehicles and tracking software that’s being deployed, it still comes back to the basics of good network security practice.”
Hackers don’t have to wait for autonomous vehicles to occupy the traffic system – all they need are connected vehicles. That includes any traffic intersection with a wireless camera, a vehicle with wifi and newer technology like Toyota’s 5.9 gigahertz radio, which will be included on all its 2020 vehicles.
Following the hack
A connected vehicle is no different than a mobile device or laptop on wheels, Rucci said.
If a hacker breaks into an intersection’s system, every vehicle that drives through that intersection is vulnerable to that virus. If a phone is connected to that vehicle, there’s instant access to email, bank accounts, and anything connected wirelessly.
Once a vehicle catches the virus from the first intersection, it carries it to the next connected intersection and the cycle begins again.
“(A hack) is going to happen,” Rucci said. “There’s nothing anyone can do for you that’s going to make your network unhackable. … There’s not a lot of money spent on security measures in cities until they’ve been compromised. Then it’s more expensive, because it’s recovery and not proactive.
“When your network is compromised, those who are successful are able to recover their data. The single point of failure for most companies is failure to plan.”
Steps to take
Insider threats are a major problem, but there’s a simple fix, Rucci said. Some tips to avoid common mistakes that create vulnerabilities include:
- Change default passwords on company devices
- Do not connect to public wifi
- Do not open suspicious emails and click links