At the beginning of The Fate of the Furious, Vin Diesel’s Dom says that it’s not what’s under the hood of the car that matters, it’s the person behind the wheel. Not long after, a major action scene challenges that declaration.
The eighth installment in the Fast & Furious series focuses on the evil plans of an anarchist hacker named Cipher, played by Charlize Theron. She can control seemingly anything in the world that has a wifi receptor, and in one memorable scene, she uses the power to create chaos in New York City.
Cipher, in a plane traveling halfway across the world, is able to take control of an army of unattended cars. It’s a wild scene, but it is actually not far from plausible in the real world. As drivers place more of their trust in onboard computers, gradually moving toward fully autonomous driving, a Cipher-style nightmare scenario grows increasingly plausible.
“This is not unreasonable,” Clifford Neuman, director of the University of Southern California’s Center for Computer Systems Security, tells Inverse. “Clearly today the capabilities of self-driving cars do not support this, but as they become more pervasive, this is an easy risk to envision.”
Although hacking one car might not be outside the realm of reason, Cipher is seen controlling a whole fleet with the flick of her finger. That part may be a little more suspect.
“While it is impossible to completely rule out anything in the security world, in my opinion, it would be highly unlikely for all the cars to be controlled for a longer period of time,” Engin Kirda, professor of computer science at Northeastern University, tells Inverse. “A good design would have a kill switch somewhere and would make sure that a scenario such as this would not be possible.”
Neuman has a slightly different take. A fleet of autonomous vehicles used in a ridesharing service would all run on the same system, receiving regular software updates. Through a process known as “subversion,” a hacker or other organization could interfere with the update process and add in code that allows for remote access.
“This would not be a hack that occurs on the spur of the moment,” Neuman says. Instead, the attacker would bide their time, slowly creeping into the software systems, until the point when they decide to hit the button and take control.
But it’s not just autonomous cars that could be at risk from hacks. Two years ago, Charlie Miller and Chris Valasek used a software flaw to take over a reporter’s Jeep. The flaw led to Fiat Chrysler issuing a recall of 1.4 million cars. Soon after, Canada’s Department of Defense announced plans to pay hackers to try and commandeer their trucks, just to see if security was tight enough.
“Existing cars are vulnerable to such attacks - albeit slightly simpler ones,” Andrew Martin, professor of security systems at the University of Oxford, tells Inverse.
Car hacking is a cause for concern because a hack could happen in theory, but the same applies to many aspects of life. Hollywood has repeatedly shown hackers stealing money from bank accounts, and people are well aware that it’s a possibility, but we still use online banking. The time to actually panic about these things is when a flaw is discovered.
“In short, yes, it’s a big deal, and it’s high on the agenda of all the car safety people, and really only time will tell if they’ve done enough work on that,” Martin says.