Whilst we are still a long way off from driverless cars being on the roads in the UK, many cars now come with a range of driver assistance features. These include features such as automatic emergency breaking (AEB), cruise control, lane centring or lane departure warnings.
But as we move further towards automation and cars become more connected to their external environment to enable this automation, new risks will present themselves. And one area of concern is that that linked to the cyber risk of connected vehicles.
Cyber risks linked to connected and autonomous vehicles
Even today’s vehicles are increasingly connected through the IoT, telematics systems, infotainment systems and apps. And this article from Fleet News points to some of the cyber risks which can be faced as vehicles become increasingly connected. With more data and connections, the possibility for cyber-crime increases.
- Hijacking – this could be of the vehicle itself or technology which the vehicle relies on. For example, hacking of apps to enable remote access or the ability to supress theft alerts
- Ransomware – targeting the businesses upon which vehicles rely for technology to keep them running
- Data theft – with increasing reliance of data there is the potential for theft of data or exposure of personal data
If we are to move towards vehicles which are truly autonomous then an even more significant number of connections will be required. Increasing not only the cyber risk but also the potential to do harm should an attack happen.
What impact could these cyber risks have on drivers and fleets?
Drivers and fleet managers could face a range of risks linked to cybercrime involving connected vehicles.
From the issue of theft of a vehicle made possible through the hacking of apps and other connected technology. Through to the possibility that it could become impossible to run a fleet of vehicles because a supplier suffers a cyber-attack which affects technology that the fleet relies upon.
Loss of data and the impact this could have under GDPR is another area businesses will need to be mindful of.
Vehicles could also be out of action as manufacturers recall vehicles to resolve cyber vulnerabilities and there may be increased maintenance required.
All of which will have financial costs and impact the ability to do business.
How will insurance need to respond to these new risks?
From a business insurance perspective, cyber insurance is accessible. And it is an area which must not be overlooked. It can provide a wide range of cover should your business be the victim of a cyber-attack. However, do bear in mind that whilst cyber insurance cover is available, as the risks of cyber-attack are now so apparent, insurers are becoming wary of extending cover to customers who are not fully focused on risk management.
But from a motor or vehicle insurance perspective there is still work to do as we see vehicle technology continue to develop. With new risks come new insurance requirements.
This article points to the issue of data. Much of the fully connected vehicle technology is still in the test phase and as such no real-world data exists as to the full extent of the threat which may be posed. The Association of British Insurers (ABI) has set up the ‘Autonomous Driving Insurance Group’ to work with motor manufacturers, run track tests and obtain information of new technologies to inform and help insurers prepare for the time when connected and automated vehicles are on our roads.
One key issue which this does all raise though is that of liability. Currently the driver is liable for any accidents caused. But when we move into a world of connection and automation, this is likely to shift. This BBC article points to the fact that major legal changes will be needed when we do move to having driverless cars on the UK roads. And that the area of liability is likely to need to shift from the driver to the company who are behind the driver system. But where would liability stand if a cyber-attack were responsible for the driver system going wrong? This will be another key issue which will need to be addressed.
If your business has any questions over the type of insurance that you require to manage the risks that you may face, do chat to our teams at Anthony Jones. New risks present themselves continuously and it is important that you keep up with them to protect your business. That is where we come in at Anthony Jones, as an insurance broker we have significant experience in risk management and relationships with a wide range of insurers which makes us well placed to offer you the informed insurance advice.