Risk Alerts: Cyber Threats to Automated Electric Vehicles, U.S. Infrastructure

Print Email
May 12, 2021

Automated electric vehicles exposed to cyber threats. Researchers from the University of Georgia have identified cybersecurity weaknesses that could threaten the safety of connected and automated electric vehicles (CAEVs).

While technology such as adaptive cruise control and other auto-assist functions enhance driving safety, comfort and energy efficiency, the networked infrastructure of these vehicles opens the door to cybersecurity concerns. The researchers said in-vehicle infotainment systems—used to deliver entertainment and useful information through audio/video interfaces, touch-screen displays, button panels and voice commands—are a prime target for attackers.

Electric vehicles are also vulnerable when they plug into charging stations. Hackers could use this recharge time to circumvent the vehicle control systems, which would allow them to disable brakes, turn off headlights or take over steering.

Highly skilled attackers can also reduce the efficiency of electric vehicles, decreasing battery capacity and energy by up to 50 percent.

Source: “How to keep automated electric vehicles safe,” University of Georgia, April 27, 2021; study, “Cyber-Physical Security of Powertrain Systems in Modern Electric Vehicles: Vulnerabilities, Challenges and Future Visions,” IEEE Journal of Emerging and Selected Topics in Power Electronics, Dec. 17, 2020

***

Major U.S. pipeline hit with cyber attack. Colonial Pipeline, the operator of one of the largest fuel pipelinesin the U.S., remains largely shut down after being hit with a ransomware attack on May 7. The pipeline provides nearly half of the supply of gas, diesel and jet fuel to the East Coast.

The cyber attack underscores the vulnerabilities of U.S. infrastructure, warns a cybersecurity expert from the University of Notre Dame, who is also a former computer scientist with the National Security Agency. “The fact that this attack compromised systems that control pipeline infrastructure indicates that either the attack was extremely sophisticated, or the systems were not well secured.”

He noted, “Standard practice for this type of critical systems is to place them on their own isolated networks precisely to prevent this type of attack. These systems shouldn’t be connected to the internet, making it very difficult for an outsider to gain control of them.”

The FBI has confirmed the culprit is DarkSide, a strain of ransomware believed to be operated by Russian cybercriminals. DarkSide claims their motives are purely money-related and not political.

Source: “Colonial Pipeline cyberattack reveals national infrastructure vulnerabilities, Notre Dame expert says,” University of Notre Dame release, May 11, 2021

Print Email

Was this article valuable?

Here are more articles you may enjoy.

That Insurance Talent Crisis? It’s a Global Knowledge Opportunity
Former MLB Player Charged With Insurance Fraud in Florida
If U.S. Inflation Reflected Rising Home Insurance Costs, It’d Be Even Higher
Ford Recall of 43,000 SUVs Due to Fire Risk Won’t Remedy Gas Leaks

Related Articles

8 Emerging Risks to Watch: Flooding, Toxins, Solar Panel Waste
Tesla, Other Car Makers Have Edge Over Incumbent Insurers: Moody’s

Our Contributors

Shannon ShallcrossViewpoint: You’re at a Competitive Disadvantage If You’re Not Innovating
Meghan ParrillaHow Apprenticeship Programs May Be the Best Solution to Today’s Talent Crisis
William SteenbergenThe Insurance Data Paradox: Structure Creates Flexibility
James GammellViewpoint: Risks for D&O Insurers Exploring the New Frontier of Gen AI
Richard CoyleMany Businesses May Not Be Protected Against Losses From Snow Melt Floods
See All Our Contributors