In our previous blog post we’ve reviewed the different phases in a targeted car cyber attack. As cars become more intelligent and drive themselves, we are increasingly susceptible to our vehicles being hacked.
In this post we’ll dive deep into the intrusion phase.
Today’s vehicles are not self-contained.
Before the arrival of vehicle connectivity, cars were deemed to be self-contained systems with wired, peer-to-peer networks connecting systems and components. The design assumptions and use cases were based on the fact that the connectivity of equipment would be confined to a local system. This constrained environment meant that designers only had to provide basic security measures. Getting physical access to the vehicle was a pre-requisite to launch any attack. Due to this, the attack surface was small.
Vehicles are now another node in the internet.
However, with the vehicle connected to the internet or a larger communication network, it becomes another node of the network and its attack surface increases. In addition, as manufacturers find new ways to leverage connectivity and the IoT, so new attack vectors are created.
Currently the systems most vulnerable to cyber-attack are:
Communication intercepts, such as keyless entry and tyre pressure sensors
Direct network access via the OBD port
The intrusion of a vehicle could be done via one of one of those prone systems, enabling attack on all in-vehicle systems.
For example, an attacker connecting remotely to a vehicle’s infotainment system could, through the CAN Bus, gain control of an ECU controlling the autonomous emergency braking, or lane departure systems; which are both safety critical.
The problem with most of the devices on the perimeter is that they are connected to the CAN bus.
After initial development by Bosch in 1983, the CAN protocol was officially released in 1986 and was first featured in production vehicles in 1989. In 1993, the International Organization for Standardization (ISO) accepted CAN as a standard and published ISO 11898 for road vehicles. Since then, CAN has been used as a standard for practically every light-duty vehicle currently in circulation today, and was being pushed to be the only acceptable one in the US federal courts.
Why would the various devices and systems in a car need to be connected to each other? The various in-vehicle subsystems should be able to function automatically, especially in times of emergency. For example, CAN enables your infotainment or safety system to receive messages from your car’s airbag system to know whether or not it needs to phone home in the event of an accident. It can also enhance your driving experience. For instance, your infotainment system can turn up the volume of the car’s audio once it reads the signal from your engine control system that you are currently stepping on the gas. That way, you can hear the audio over the engine’s increased volume.
At the end of the day it’s up to manufacturers to ensure the security of the connected vehicle while keeping pace with consumers’ demands for enhanced media offerings. This can only be achieved through highly adaptable and thorough security solutions.
In our next blog post we’ll explain how to protect vehicle from intrusions.