On July 14, Mohamed Lahouaiej Bouhlel drove a 19-ton cargo truck into a crowd at a Bastille Day celebration in Nice, France, killing 84 people. He carried out the attack on behalf of the Islamic State terrorist organization.
Bouhlel was shot dead by police, a typical consequence for those who carry out jihadist attacks. However, an emerging technology seems as though it could take the suicidal terrorist out of the equation entirely: the autonomous truck.
Autonomous trucks operate in much the same way as self-driving cars, using Wi-Fi-connected artificial intelligence. Anything that uses Wi-Fi can theoretically be hacked, including vehicles, as revealed last year in St. Louis, Missouri, when hacker duo Charlie Miller and Chris Valasek demonstrated how easy it was to hijack a Jeep Cherokee's brakes, dashboard functions, steering and transmission by remotely hacking into its Wi-Fi-connected entertainment system from a laptop 10 miles away.
Does this mean that it's possible an attack such as the tragedy in Nice could happen again, this time carried out by someone controlling the vehicle from a remote location?
There are currently only a few hundred of these trucks in operation, and the prevailing concern is not that they could be used in terrorist attacks but that they will put many truck drivers out of work. Still, as the technology becomes more prevalent, it's worth asking what the risks might be in the future.
Autonomous trucks are predominantly in operation overseas. The Tokyo-based heavy-equipment company Komatsu Ltd. has been operating a small fleet at Codelco's Gabriela Mistral copper mine in Chile since 2008. Last year Alberta-based Suncor Energy signed an agreement to buy 175 trucks from Komatsu, with plans to make its entire fleet autonomous by 2020.
There are also approximately 50 autonomous trucks in use in the mines of Pilbara in Western Australia. And last year the Nevada Department of Transportation granted the first license for an autonomous commercial truck to operate in daylight on the state's public highways in order to test its real-world capabilities. Although this truck operates at autonomy level 3, meaning a human driver still needs to be behind the wheel to take full control in critical traffic and environmental conditions, it is expected the driver will be needed only for occasional control.
Michelle Culver, a spokesperson for industry research firm IHS Markit, said these numbers will likely grow in the coming years, particularly when it comes to trucks in the Class 8 segment, whose weight exceeds 33,000 pounds when hauling freight.
"Within the next 10 years, IHS Automotive analysts expect that autonomous heavy trucks will gradually grow into the market and potentially hit the 20,000-unit annual sales mark in the United States by 2025, most of which will be expected in the Class 8 segment," she said. "Autonomous truck sales could reach 60,000 annually by 2035. That would amount to 15 percent of sales for trucks in the big Class 8 weight segment."
In other words, the trucks are coming.
So how worried should we be about the possibility of a terrorist using one as a remotely guided weapon? According to Jeremy Anwyl, CEO of Trucks.com, the scenario is not entirely likely, but even if it's the product of baseless paranoia, it couldn't hurt to give it some thought, he said.
"Paranoia is a good thing, because it will cause technology providers to take the risk seriously and prevent it from ever happening," he told CNBC.com. "It's one thing to protect our phones, but this is a whole other level of risk."
Anwyl said that well over 50 percent of new vehicles being sold today have some form of connectivity, and he cited the St. Louis, Missouri, Jeep Cherokee "hijacking" test as a good case study in demonstrating the risk of this reality.
"More and more vehicles today have some form of access to the internet, and somebody could hack into that signal," he said. "If a truck communicates its location, speed and fuel level to headquarters, somebody could intercept that message and trick the truck into thinking the person was fleet headquarters. It's not an easy thing to do, but anything's possible."
Anwyl explained that the autonomous vehicle's wireless safety features present hackers with their biggest, juiciest opportunities. The technology that allows an autonomous vehicle to wirelessly inform another that it's coming around a blind corner is, ironically, where hackers would find the most vulnerabilities.
"Anytime you have wireless technology like that, there's an opportunity for a bad actor to hack into that system," he said. "In theory it would be possible for someone to take over a 70,000- or 80,000-pound vehicle.… If it was a fuel tanker, they could drive into anything and cause a big explosion."
Chris Finan, former director for cybersecurity legislation and policy under President Obama and current CEO and co-founder of Manifold Technology, a start-up that offers security technology to financial institutions, agreed this scenario shouldn't be dismissed.
"We've seen vulnerability researchers in the last year or so prove that this technology can be hacked," he told CNBC. "Really great hackers aren't always the smartest people, but the most creative. You succeed because of cleverness, not because you have the best technology. They always have the most clever ways of finding vulnerabilities."
When CNBC asked Finan if the Nice attack could be replicated elsewhere with an autonomous truck, his answer was an unequivocal "yes."
"The hypothetical of remote reprogramming is plausible," he said. "You could have a malicious actor or group that would reprogram a truck and use it as a missile as a way to target bystanders."
Finan added that one way of preventing such hacks was to use open-source technology, which is available to be viewed and updated by anyone from the general public, in a truck's programming.
"If you use open-source technology, you get millions of eyes on it, instead of just a few, on the type of bugs that hackers would exploit," he said. "In general, open-source code tends to be more secure, because you have so many people looking at it and finding flaws more quickly."
Finan hastened to add that while the scenario is possible, it's unlikely to transpire anytime soon, due to jihadists' attitude toward technology.
"This isn't something people need to freak out about happening tomorrow with radical Islamists," he said. "They view cyberspace as a recruiting space, not as a threat delivery system. It's very possible that in the future that could change, but they've got very many people willing to be programmed to die carrying out these attacks."
—By Daniel Bukszpan, special to CNBC.com