Exploring the Ethical Concerns related to the Cybersecurity of Connected and Autonomous Vehicles

Connected and autonomous vehicles (Cubs) face cybersecurity threats that raise tough ethical questions. The podcast explores who is responsible if a vehicle gets hacked, how to protect privacy, and what risks are acceptable. Cubs rely on software and continuous data exchange, making them vulnerable to cyber attacks. The industry must prioritize security, accountability, and consumer trust. Collaborating with ethical hackers and implementing security measures are crucial. A case study of a Tesla hack highlights the need for constant software updates. Cyber attacks on Cubs have ethical implications due to potential accidents and fatalities. Manufacturers must be transparent and prioritize safety. No system is 100% secure, so built-in safeguards and preparedness are important. Cybersecurity in Cubs is not just a technical challenge, but an ethical one that impacts safety, trust, and the future of mobility. Hello, everyone, and welcome to the Ethics of AI podcast. Today, I will be diving into a really important but often overlooked topic in the world of connected and autonomous vehicles, which are the cybersecurity threats and the tough ethical questions that come with them, like who's responsible if a vehicle gets hacked? How do we protect people's privacy? And what risks are we willing to accept for convenience and innovation? Connected vehicles rely on advanced networks and real time data to navigate the world. But this connectivity also exposes them to serious cyber risks. Imagine a hacker remotely taking control of your vehicle completely changing the speed, locking the brakes or potentially worse action. What are the ethical responsibilities of manufacturers and developers in preventing these scenarios? Moreover, this podcast will be broken down into four sections discussing one, what actually makes Cubs vulnerable to exploring real world examples of hacking incidents. Three, discussing how ethics must play a key role in securing the future of transportation. And lastly, we'll be joined later by an individual who had attended an insightful conference in Germany last year related to Cubs and have a look into her thoughts on the ethical concerns regarding these vehicles. So let's start by understanding what are connected and autonomous vehicles. These vehicles are often referred to as self-driving cars. So these vehicles are capable of making decisions and taking actions without human intervention. Now, Cubs can either be connected, automated or both. Connected vehicles, wireless to communicate with other vehicles, infrastructure and devices, transmitting real-time data such as traffic alerts, whereas automated vehicles perform driving functions without human input, including braking, steering and driving autonomously. Now, why are Cubs particularly vulnerable to cyber attacks? Well, first, Cubs rely heavily on software to manage everything from navigation and braking to communication with other vehicles and infrastructure. Now, this relies on software to create multiple access points for potential hackers. The systems are connected to the internet, cloud services, mobile apps and sometimes even smart home devices. This obviously offers multiple pathways for attackers. Secondly, unlike traditional cars, connected vehicles continuously exchange data. This data can include your driving habits, location and personal information. This obviously would make these types of vehicles a particularly attractive target for cyber criminals. While that data is essential for improving safety and efficiency, it also raises significant concerns about privacy and security. And my final point is that the rapid development cycle of these technologies means that security is sometimes sacrificed in the rush to bring innovations to market. This obviously would lead to vulnerabilities that hackers can exploit. Now, there have been various connected and autonomous vehicles deployed around the world. For example, like Waymo, Zooks, or a lot of people better know Tesla, and etc. There are many and many that are currently going to be deployed. However, this deployment doesn't go without its implications. Now, a case study that I want to discuss was back in 2016, where security researchers from Keen Security Lab in China managed to hack into a Tesla Model S. Now, they managed to do this from just 12 miles away. They found vulnerabilities in the car's firmware and web browser that gave them full remote control of the vehicle. This meant that they could control the brakes to the car when the car was parked, and even opening and closing the doors. So, since you're driving, and suddenly you're losing control because someone miles away decided to hit the brakes for you. I found that absolutely terrifying. But luckily, Tesla was all over it and pushed out a software update within 10 days to fix the issue. Now, I do believe that this case is a huge wake-up call for the industry. And it does show how critical constant software updates and third-party security research are for keeping connected vehicles safe. It's also a perfect example of how collaboration with ethical hackers can actually make technology better and more secure. So, what are the ethical implications of these cyber security threats? So, there's the issue of safety and human well-being. A successful cyber attack on an autonomous vehicle isn't just about stealing data, as one might think. It could also result in accidents, injuries, or even fatalities. That makes cyber security a matter of life and death, which means manufacturers have a moral obligation to prioritize it. Then, there's the question of accountability. If a vehicle is hacked, who is to blame? Is it the manufacturer for not building a secure enough system, the software developer for overlooking the vulnerability, or is it the owner for failing to update the software? Determining accountability in these situations is complex but very important. And lastly, there's consumer trust. If people don't feel safe in connected vehicles, it could slow down adoption and stop the development of the entire industry. This impacts the UK in particular massively, as it's leading the global race to bring connected and autonomous vehicles to market, with a projected £62 billion contribution to its economy by 2030. Therefore, transparency is key. Consumers need to understand the risks and the steps being taken to protect them. Especially in this world where technology is on the rise, it can be very hard to keep up with. And I think regarding cabs in particular, this type of vehicle would be very beneficial to the elderly and disabled, so they would therefore expect to have full trust in these vehicles. Now, to delve deeper into this discussion, I'd like to introduce Anna, who attended the Connected Vehicles Europe conference last year in Germany. Thank you for having me today. Of course. So, let's start with your experience at the Connected Vehicles Europe 2004. For you, what were the key takeaways from the event, especially regarding cyber security and the future of connected vehicles? Connected Vehicles Europe last year was honestly a fantastic event. It really brought together industry leaders, cyber security experts and policy makers to discuss the future of connected mobility. Obviously, one of the most important and the biggest themes was the growing importance of proactive cyber security strategies for autonomous vehicles. So obviously, with the vehicles becoming more connected than ever, the risks were increasing, they still are increasing exponentially. There were so many discussions as well that were focused on heavily building robust defences and creating industry collaboration to tackle potential threats. So there was this clear message overall, which was that cyber security can no longer be an afterthought, it has to be the top priority from the design phase onward. So I feel like altogether, it was just very, very informative for us to make sure that we put cyber security at the forefront. It's a really powerful message. So what do you think about how manufacturers can ensure that cyber security remains a top priority as they keep on developing these vehicles? So it starts with a concept called security by design. So this means integrating cyber security measures at every level of vehicles architecture, their hardware, software and even the communication systems that link vehicles to external networks. Obviously, manufacturers, they also need to invest in continuous monitoring and regular software updates to stay ahead of emerging threats, because day by day, things are always, always changing, and there will always be threats. So as well as that, collaborating with ethical hackers, they can also find vulnerabilities before the actual reality sets in and there's bad actors that actually do take part in those vulnerabilities. And that's a massive, crucial step for us. And lastly, obviously, educating users about cyber security risks and encouraging safe practices. That is very, very important because human error can sometimes be the weakest link and we need to do everything we can in our power to mitigate things like that. I think those strategies are very well relevant in today's world. But also even like with all of these safeguards, the reality is that no system can be 100% secure. So what do you think are the ethical implications of potential cyber attacks on connected and autonomous vehicles? You're absolutely right. No system is ever completely invulnerable. I feel like the ethical implications are significant because we're not just talking about the data breaches. We're also talking about real world physical harm. So a successful cyber attack on an autonomous vehicle could cause accidents, injuries, and even like fatalities. So manufacturers, they have this ethical duty to minimize these risks and also to be completely transparent about any potential vulnerabilities of their own systems. But there's also a broader ethical question around preparedness. So how can we actually ensure that vehicles have built-in safeguards to minimize the impact of an attack? Like for example, manual override options. These are the kinds of conversations that we actually need to be having at this stage. That was really insightful. Thank you so much, Anna, for taking the time to speak. So overall, cyber security in connected and autonomous vehicles is more than just a technical challenge. Of course, it's an ethical one that impacts safety, trust, and the future of mobility. So on a final note, as these vehicles hit the road, the real question isn't just can we do it, but how do we do it right? Thank you so much for listening.