Page 3 - Litigation
P. 3
NYLJ.COM |
Litigation | TUESDAY, JULY 5, 2016 | S3
• Level 0: No Automation. The driver Jeep hackers utilized a law in the vehicle’s
maintains control of all vehicle operations onboard entertainment system that allowed
at all times.
remote access to the vehicle’s critical safety
• Level 1: Function Speciic Automation. systems through a built-in cellular data con-
One or more driving functions are automated, nection. Through the exploit, the hackers
like parallel parking assistance or automatic were able to remotely control and disable
breaking.
key systems including acceleration and break-
• Level 2: Combined Function Automation. ing. The particular vulnerability used by the
Two primary control functions are automated hackers was ultimately ixed by Fiat Chrysler,
and designed to work in unison, like adaptive Jeep’s parent company, through a software
cruise control and lane centering.
patch. The reality remains, however, that
• Level 3: Limited Self-Driving Automation. other vulnerabilities will likely exist in cur-
Full control of driving functions switches back rent and future vehicles. Manufacturers can
and forth between the driver and the vehicle respond with software upgrades that close
depending on conditions.
exploits, as Fiat Chrysler did in the Jeep hack,
• Level 4: Full Self-Driving Automation. but these ixes are likely to come only after a
The vehicle performs all safety critical driv- successful cyber attack has occurred.
ing functions.
As automation increases, and more critical
As a vehicle moves from one level to the control systems are operated by the vehicles
next, the prevalence and sophistication of in- themselves, the potential for cyber attacks
vehicle technology increases to support the resulting in loss of control of these systems,
more advanced automated functions. Some like steering, increases. This situation is espe-
of these technologies are already considered cially true because no uniform cybersecurity
standard in most vehicles. For example, rear standards for vehicles exist, and regulation,
and front facing cameras, Bluetooth, GPS, though proposed, has yet to be enacted to
proximity sensors and cellular data connec- set industry standards. The result of a lack
tions can be found in almost all new vehicles
on the road today. Fully automated vehicles,
which are currently being tested, use these The data connections and
existing technologies in addition to new tech-
nology such as RADAR, LIDAR, ultrasound, sensors necessary for automat-
vehicle-to-vehicle (V2V) communications and
vehicle-to-infrastructure (V2I) communica- ed driving provide entry points
marcumllp.com/nylj
tions, in making automated driving decisions. for cyber attacks that can com-
These technologies collect data that is used
by an algorithm to make driving decisions as a promise the security of the data
substitution for human driving. As automated collected and the operation of
functions become more advanced, more data the vehicles themselves.
will be collected, and more sophisticated algo-
rithms will be utilized to analyze the data and
perform the functions. While the potential of uniform standards is fragmentation within Choosing your valuation
beneits of this technology are innumerable, the industry, with different manufacturers
from a safety perspective, the technology also utilizing different standards and no mini- and litigation specialists
presents signiicant cybersecurity risks. The mum standards in place. Although public
shouldn’t be a gamble.
data connections and sensors necessary for relation and litigation risks posed by cyber
automated driving provide entry points for attacks should lead manufacturers to strive to
cyber attacks that can compromise the secu- develop secure systems, a regulatory scheme
rity of the data collected and the operation that imposes both minimum standards and
of the vehicles themselves.
remedial measures may be necessary to
ensure uniform cybersecurity throughout the
Vehicles Under Attack
industry. The risks of cyber attacks posed to
vehicles with automated driving technology
There are two main categories of cyber- implicate legitimate concerns for individual
risks posed to vehicles with automated attacks, terrorism and cyber-ransom.
driving capabilities: (1) cyber attacks that The same cybersecurity laws that can
pose a risk to the operation of the vehicle; result in an attack on the operation of a
and (2) cyber attacks that pose a risk to the vehicle with automated functionality also
security of the data collected by the vehicles. present risks to the security of the data col- Our dedicated litigation and valuation practice provides exceptional client service
While cyber attacks aimed at disrupting the lected and stored by these vehicles. The on forensic accounting, fraud accounting, business valuation, and matrimonial
operation of the vehicle or one of its auto- number of cyber attacks on traditional com-
mated functions presents the most profound puter networks resulting in data breaches matters. As one of the largest and most experienced forensic accounting and
safety risk, both forms of cyber attack can has increased steadily each year with an valuation practices in the New York metropolitan area, we invite you to get to
know us.
be disruptive and costly.
estimated 113 breaches reported in 2015
The concept of a hacker taking control of resulting in the compromise of at least 150
a vehicle with automated driving technology million records. As more data is collected Below are the partners who are in charge of our department:
is by far the most talked about issue relat- and stored by vehicles in conjunction with
ed to vehicle cybersecurity. The concerns advanced automated driving functions, cyber Harold L. Deiters III, Partner Henry B. Guberman, Partner Jean J. Han, Partner
related to this type of cyber attack are far attacks aimed at compromising that data CPA, ABV, CFF, CGMA, CFE, MAFF CPA, ABV, CFF, CFE, CDFA CPA, ABV, CFF, CDFA, JD
from unfounded, and successful attacks become more attractive to hackers.
have been demonstrated already on existing Vehicles with automated driving technol-
Connect with us:
model vehicles. For example, the 2015 proof ogy collect and analyze a tremendous amount bakertilly.com
of concept hack of a Jeep Grand Cherokee, of data as part of the automated driving pro- 212 792 4846 | 631 719 3456
covered by Wired Magazine, resulting in the cess. Most of the data collected is relatively
disablement of the vehicle while in operation benign, such as video captured by cameras, © 2016 Baker Tilly Virchow Krause, LLP
on the highway, demonstrated the reality of readings generated by proximity sensors, that Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently owned and managed member of Baker Tilly International.
the risks posed by vehicle cyber attacks. The
amount to mere observations » Page S10