You’re driving down Fifth Avenue in Manhattan, and all of a sudden your car breaks on its own. A hacker has managed to attack your car through your internet-connected entertainment system and has seized control of the brakes, bringing you to a halt. The gas pedal isn’t working, so you’re stuck.
You get out of the car, and quickly realize your car isn’t the only victim. On Fifth Avenue, about one in five cars isn’t moving, and traffic has effectively stopped. Chaos ensues. One of the cars ahead of you braked so hard that the car behind rear-ended it, and the driver needs medical attention. You hear a siren ringing, and realize that there’s no way that the ambulance will be able to make it, with traffic at a standstill.
This is the scenario sketched out in a recent paper published in the journal Physical Review E by researchers at Georgia Tech. The research team wanted to reveal how cybercrime might impact the real world, not just our digital identities, so they developed a model for how hackers might weaponize internet-connected cars (which is most new cars nowadays).
When we think of hacks, we tend to think of data breaches like the ones that recently impacted Capitol One and Equifax customers. But those happened entirely on computers. Security breaches of cars could have a direct—and dangerous—effect on people and physical infrastructure like our roads. “There is this cyber-physical impact of hacked cars that we think really needs to be quantified and understood because virtually every car you can buy today is internet-connected to some degree,” says Peter Yunker, an assistant professor of physics at Georgia Tech. And if self-driving cars—in which an entire vehicle is run autonomously using sensors—become more prevalent, as they are expected to do, the risk only increases.
Yunker co-authored the research with post-doc Skanda Vivek and PhD student David Yanni from Georgia Tech and Jesse L. Silverberg from the advanced materials company Multiscale Systems. The idea was to build on existing research that examines hacking vulnerabilities in self-driving and connected cars. Such work typically focuses on isolated scenarios: A hacker remotely controlling a car and causing a crash; a hacker forcing a car to halt; a hacker fooling a car’s sensors into thinking it should stop; or even a car detecting an attack and shutting down preemptively. The Georgia Tech researchers wanted to go a step further to investigate how a coordinated attack against thousands or millions of cars might impact cities as a whole.
They ran simulations using an advanced physics model to understand how traffic would be affected in Manhattan if a certain percentage of cars on the road were stopped, and found that during rush hour, only 20% of the cars would need to be hacked to effectively freeze the grid. “As you pass 20%, things don’t get that much worse, they’re already so bad there’s not much further to go down,” Yunker says. “You don’t know if the ambulance will be able to get to the person who needs it or the fire truck will be able to get to an emergency.”
To figure out this number, Yunker and his fellow researchers modeled a concept in physics called percolation. It’s the same thing that happens when you make pour-over coffee: As you pour water into grounds, the liquid slowly makes its way to the bottom while it starts to drip into your mug. That doesn’t happen if you only pour a few drops of water, but at some point, if you pour enough liquid, there’s almost a 100% chance that it will find a pathway to the bottom of the grounds. The point at which this happens is called the percolation point. When it comes to the car hacking scenario, 20% of cars on the road being hacked is the percolation point because it prevents a car from getting from the tip of Manhattan all the way up the island.
Yunker and his co-authors chose Manhattan because there’s plenty of mapping and traffic data about the city. But they believe that a hack like this would have an even worse impact on a city like Atlanta or Los Angeles, because these cities aren’t based on grids and instead tend to have fewer numbers of large thoroughfares that you have slog through to get anywhere.
Luckily, outside cybersecurity researchers don’t think this particular scenario is very likely right now. Hacker Chris Valasek, who famously hijacked a car with fellow hacker Charlie Miller for the first time in 2013 (an incident that helped inspire this research), says it’s enormously difficult to perform a remote hack with a single car, let alone with 20% of the cars on the road. “It assumes some kind of homogeneous similarities in all the vehicles,” says Valasek, who now works as principal autonomous vehicle security architect and engineering manager at Cruise, a self-driving car startup owned by General Motors, and is not affiliated with the study. “Prior research we’ve done has shown a lot of vehicles are very different.”
Yunker points out that if there were a vulnerability across the security systems of all the internet-connected cars from one of the big automakers, that might be something that a hacker could exploit. But Valasek says that this is unlikely as well because many companies are designing cars to separate critical functions from noncritical functions. Gaining access to an entertainment system, for instance, would not grant a hacker access to a car’s steering wheel as well.
The research still has an important takeaway: Companies and regulators need to take connected car security seriously, says Charles Harry, a public policy professor and the director of operations at the Maryland Global Initiative in Cybersecurity at the University of Maryland who was not affiliated with the study. “While we want to move toward full autonomy, it might make a lot of sense for users to still be able to take over the car and operate in a more manual way,” Harry says. In other words, every autonomous car should still have a steering wheel that a human can control—no futuristic car-pods that lack the basic mechanism for driving the old-fashioned way.