Driverless cars could become WMDs

At a closed-door Q&A session at the software hacking conference DEF CON, Elon Musk said that a fleetwide attack was Tesla’s “nightmare scenario” and announced that they were going to open-source their security modules so that automakers could work together to secure a safe self-driving future. (He later announced the security open source initiative on Twitter.) Musk’s announcement is a great start, and I’m encouraged, since an open source initiative is the single most important step to securing autonomous vehicles. But there have been other developments as well.

At an offensive cybersecurity conference earlier this year, former GCHQ information security specialist, Matt Tait, presented the keynote. (Lawyers know Tait as a Lawfare contributor and hackers know him as @pwnallthethings. It’s fun and strange when worlds collide.) One of Tait’s concluding remarks was that there are now numerous strategic threats to the world from a mass cyber-attack. Military planners call nuclear weapons and other weapons of mass destruction strategic threats because they impact military planning at the level that concern the national defence strategy. Tait used the specific example of a hijacked Windows update since it could wipe out complex logistics chains, or the power grid. The same type of strategic threat exists for autonomous devices as well. Tait then implored his fellow cybersecurity researchers to be careful with the consequences of their actions. To illustrate this, he displayed a mushroom cloud as the slide’s background image.