“Suppliers don’t like hearing that their product can be hacked.”
But that’s Lucky Munro’s job for Motional. As a penetration tester, he’s hunting for vulnerabilities in the hundreds of pieces of connected hardware and software that help power the company’s IONIQ 5 robotaxi. The way he sees it, if there is a flaw, a hacker is going to find it. And it can either be him, who works to make Motional’s autonomous vehicles cybersecure, or a bad actor interested in causing chaos.
“If there’s a door, a hacker’s going to find a way through the door,” Munro said, referencing a way into a piece of hardware. “They’re not going to ask for permission. It’s better to share that information, and allow people like me to go through those doors, so that we can help secure them.”
When Motional launches its fully driverless commercial robotaxi service in 2023, the technologically advanced autonomous vehicles, or AVs, will be controlled by an innovative combination of hardware and software. They will also connect wirelessly to remote operations and assistance centers. While this level of interconnectedness will enable a revolutionary change in the way people and goods move, it also creates more opportunities for hackers to find a weakness and worm their way in.
“We’re looking to ensure from a cybersecurity perspective that the hardware and software systems we’re using, as well as the cloud systems, are built correctly to resist an attack,” said Michael Maass, Motional’s director of cybersecurity.
Munro is part of the Motional team that performs penetration testing, where they employ hacker-like tactics to evaluate the security of vehicle hardware and software, as well as the larger overall interconnected ecosystem. Motional AVs depend on more than 30 sensors, including lidars, radars, and cameras, plus microphones and GPS devices, to develop a precise understanding of their driving environment. An onboard computer loaded with AI-infused algorithms turns the information into driving commands. All of the hardware components are sourced from external suppliers; Motional integrates the hardware onto the vehicle to form a larger system.
A primary part of the Red Team’s job is to take a piece of hardware and try to “break it,” or hack into it. They’re looking for an unprotected port on a camera, or an unsecured GPS chip. Sometimes hardware manufacturers create an entry point that’s only needed during manufacturing but isn’t removed afterwards. Or if a circuit board is used for multiple products, there could be some dormant but vulnerable features that can be switched on.
“The attack surface of an AV is actually quite large with the amount of computing devices,” said Munro. “Anything wireless, any of the external sensors, are potential entry points for would-be attackers.”
The goal is to uphold four key cybersecurity principles: make sure the vehicle’s systems boot up securely, receive secure updates, can communicate securely, and properly authenticate each other.
“It’s about the absence of unreasonable risks,” said Maass.
A Different Mindset
Cybersecurity is one of the fastest growing career fields, but, according to Maass, it takes a certain type of person and disposition to work as a penetration tester. Basically, strict rule followers need not apply.
“People who tend to be really good at this are people who are already going through daily life looking where they can pull a prank or get something for themselves without breaking a rule,” said Maass, who hacked into online video games in high school.
Sarah Cho, another penetration tester for Motional, said she recently hacked into an Internet-compatible air purifier that she bought online.
“As soon as it was delivered, I identified the attack vector,” she said. “I have this mindset because hacking is a game for me.”
Munro didn’t initially have a cybersecurity background. While working for an automotive technology company, he identified a “very long list” of system security problems and a new career was born.
“It’s a mindset,” he said. “There’s always a loophole or always a way to squeeze in where I shouldn’t be.”
Maass said a good cybersecurity Red Team needs members with different backgrounds.
“Diversity is important. When you have different hackers attack a system, they all come at it from a different perspective all based on their own life experiences and what they know,” he said.
With their technical abilities and tendencies toward mischief, Munro and Cho could easily be black hat hackers. But they choose to wear the white hat for their careers.
“It’s more productive,” said Munro. “It’s easy to break things and wreak havoc, which can be fun in the short-term. But being a white hat means getting to have the same fun, while making things better, and then everybody wins.”
Cho, who started hacking while in high school in Korea, said local companies used to just hire reformed criminal hackers but that’s no longer the case.
“I enjoy the challenge of finding weaknesses in systems, but if I want to do it without risking going to jail, I have to do it ethically,” she said.
Protecting the Unknown
There haven’t been any known major hacks involving autonomous vehicles. But the industry may become a growing target as more companies start deploying vehicles on public roads and growing their commercial operations.
What worries Motional’s cybersecurity experts is the uncertainty. Cybersecurity is still an immature field, especially for an industry like autonomous vehicles. Maass says while they know a storm is likely coming, they’re unsure what form it will take. That’s why having a Red Team is helpful.
“Since we don't know the shape of our hurricane, we have the potential to miss things that a hacker will find,” said Maass.
They do think hackers will focus less on pulling off Hollywood-style cybersecurity attacks involving full vehicle takeovers, and more on lower-profile hacks that target confidential IP and consumer data, or ransomware attacks.
“Most attackers are thinking, ‘How can I monetize this,’ not ‘What kind of mayhem can I cause’,” Maass said.
Besides, he added, protections put in place to defend against more common attacks will also stop those Hollywood-style attacks.
Making robotaxis cybersecure has two distinct challenges. First, most vehicles and parts are designed for legacy automobiles, which, until just a few years ago, didn’t have much digital connectivity with the external world and thus didn’t need much hardening against cybersecurity threats.
“Lidars only had an industrial purpose,” said Munro. “Now we’re using hardware in ways they weren’t initially designed for. Companies are just now designing for AV uses.”
The other issue is that, unlike traditional rideshare vehicles, passengers will be in driverless robotaxis alone. That might be a tempting opportunity for a hacker.
“With a traditional rideshare, if you’re starting to screw up the driver’s car they're going to pull over and kick you out,” said Maass. “A hacker in a vehicle completely by themselves is going to start fiddling with things and see what level of access they can get in this car.”
But for Motional’s Red Team, the challenge is part of the fun.
“Vehicle hacking requires a lot of knowledge about different systems, unlike web hacking or app hacking,” said Cho. “It requires knowledge of embedded and vehicle domains as well as IT knowledge. Therefore it has more areas of study than other fields. Also, few people have been able to experience self-driving technology, and I can.”