...
...
Next Story

Seeing Silicon: Can a self-driving car become a weapon?

Autonomous vehicles rely on complex software and connectivity, raising cybersecurity risks and vulnerabilities, as discussed by Shweta Taneja in her column.

Updated on: Jun 09, 2025 04:35 PM IST
Advertisement

Around the block from my home, I bumped into someone from Kodiak Robotics, a company that builds autonomous driving systems for trucks. Their 18-wheeler trucks come loaded with LiDAR, radar and cameras that give full 360-degree coverage, allowing for driverless rides on the freeway. “So, what do you do at the company?” I asked him as he showed me around a truck. “I stop this self-driving truck from becoming a weapon,” he replied.

PREMIUMFor representational purposes only. (Getty Images/iStockphoto)
For representational purposes only. (Getty Images/iStockphoto)

On a deeper level, we all know

Around the block from my home, I bumped into someone from Kodiak Robotics, a company that builds autonomous driving systems for trucks. Their 18-wheeler trucks come loaded with LiDAR, radar and cameras that give full 360-degree coverage, allowing for driverless rides on the freeway. “So, what do you do at the company?” I asked him as he showed me around a truck. “I stop this self-driving truck from becoming a weapon,” he replied.

PREMIUMFor representational purposes only. (Getty Images/iStockphoto)
For representational purposes only. (Getty Images/iStockphoto)

On a deeper level, we all know that software runs autonomous vehicles, but it kind of hit me in the face when the 12-volt battery in my electric car died in the middle of nowhere. I had just come back to my car after an early morning birdwatching session. As soon as I started the car, the screen flickered with a warning about low 12-volt battery and then went dead. The car refused to start. The car even refused to lock or do anything really. Even though the main battery was 80% full, thanks to the dead little 12-volt battery, my car had just become a container parked on the road.

After I dealt with half-a-day of logistics and a long ride back home in a tow truck (all electrical and mechanical), I found out that the electric car I was driving was constantly trying to connect with an online network, even when the car was turned off. All electric vehicles, and especially autonomous ones, are kind of like a big device running on battery and software. They’re connected to the internet and to their company’s network. Through them, many third-party apps are also connected to your car. These apps ping the car to update the data they’re collecting. Perhaps that’s what happened to the rental I was driving – it tried to find this network, couldn’t connect as there was no signal where it was parked and exhausted its operating battery in the process.

Remote hacking is one of the biggest risks of a software-enabled car. In 2015, two researchers wirelessly hacked into a Jeep Cherokee, taking control of the entertainment system, the windshield wipers and then disabling the accelerator before killing the engine. It was the most dramatic show of cybersecurity demonstration in increasingly software-dependent vehicles and led to improvement in automotive cybersecurity in the US.

But this was ten years ago. Now cars are increasingly pinging and giving away information to their manufacturers and to third-part companies – even when they’re not switched on. Our cars know our location as they collect GPS data, some also link payment cards to our accounts. You can open your car with your phone, call it to where you’re standing in a parking lot and you can also ask it to remotely start the aircon. All these conveniences can become potential pathways vulnerabilities and back doors. Autonomous vehicles – which also had additional software and iOT devices – take this to the next level. Hackers can manipulate inputs to sensors (radar, cameras or LiDAR) that autonomous vehicles depend on and deceive the vehicle. Third-party software, firmware or hardware components can bring in unknown vulnerabilities. Then there’s data privacy – that favourite bane of our existence. Autonomous cars collect a lot of our data – location, biometrics, passenger behaviour – that can be hacked and used in malicious ways.

Somewhere the technology companies who are pushing these software are aware of its vulnerabilities. According to a 2024 report by Fairfield Market Research, the automotive cybersecurity market is projected to grow from US3.7 billion in 2024 to US$21.42 billion. Key drivers include government regulations, rollout of 5G technology integration and rising vehicle connectivity.

Autonomous vehicles have become a normal around where I live in Silicon Valley. Through the week, as I drove alongside empty Waymo Ones (The autonomous robotaxi is now doing more than 2,50,000 rides a week in the US). More cities in the US are preparing for Waymo launches, while Amazon’s Zoox and Tesla’s Cybercab are ready to be deployed in different parts of the country. I started to wonder what would happen if they were all to be hacked together.

The words of the cybersecurity expert from Kodiak ring in my head. I’m used to software in my devices – in my laptop, desktop, tablet, and phones. I’m also quite used to the fact that any of these can be hacked. I’m not used to my car becoming out of my control. Don’t get me wrong. I love software-enabled technological in cars. Features like adaptive cruise control, lane keeping, and automatic breaking bring joy to driving. But I’m old enough to also remember hacked laptops, crashed systems. Autonomous cars basically software on wheels. And software can be hacked.

Shweta Taneja is an author and journalist based in the Bay Area. Her fortnightly column will reflect on how emerging tech and science are reshaping society in Silicon Valley and beyond. Find her online with @shwetawrites. The views expressed are personal.

All Access.
One Subscription.

Get 360° coverage—from daily headlines
to 100 year archives.

E-Paper
Full
Archives
Full Access to
HT App & Website
Games
 
SHARE THIS ARTICLE ON