It’s a good time to start talking about the increasing reliance vehicles have on internal computers and how this impacts your safety, security and privacy. I'm going to cover the current cyber security vulnerabilities in these on-board computers, discuss what the future of increased car automation will mean and provide guidance on how to protect yourself against these car hackers!
Current Vehicle Cyber Threats
Driven by major advances in safety and efficiency, modern vehicles are no longer just mechanical machines. They are machines that absolutely rely on and are controlled by internal computers called Electronic Control Units (ECUs). A modern vehicle has as many as 20-100 of these ECUs connected and communicating with each other over internal networks. Control Area Network (CAN) is the most common type of network. Each ECU is connected to sensors and actuators and is typically responsible for a single vehicle function such as ABS brakes, steering angle, fuel level and so on. ECUs which support features that communicate with the outside world such as telematics, Bluetooth, Wi-Fi and mobile networks are also connected to these internal car networks and other ECUs.
Based on research from multiple sources including The University of Washington and the University of California, it has been conclusively demonstrated that once an adversary is able to access virtually any ECU, they can effect serious changes to safety-critical systems such as breaking and steering if the car supports digital access to them.
How Are Cars Hacked?
- Physical attacks - Inserting a storage device such as USB or CD into the media player, attaching diagnostic equipment which is infected with malware (diagnostic equipment at repair centres often sit on the Internet).
- Short-range remote attacks - Bluetooth and Wi-Fi
- Long-range remote attacks - Through telematics and calling the car’s built-in mobile phone modem
Any of these methods then needs to exploit a vulnerability within the ECU to take control and remain active within the vehicle after disconnecting. For example, a call could be made to a car’s cellular modem and an audio signal sent encoded with an exploit payload to access the ECU. The attacker, if they were so inclined, could then take control of the steering forcing the vehicle off the road at speed. This is not speculation; these vulnerabilities have been discovered. Researchers and white-hat hackers have demonstrated these types of attacks on many vehicles. In addition, modern vehicles are now increasingly storing journey, location and personal information within the local vehicle storage, plus sending that information via telematics to the manufacturers. Meaning, sensitive information is potentially accessible to an attacker via your car’s ECUs, too.
How Vulnerable Is Your Car?
Will Your Car Get Hacked?
Assuming you have a vehicle that is less than 20 years old, it is likely to have ECUs digitally supporting mechanical functions. We can consider means, motives and opportunity for potential attackers.
- Current Means - Each ECU has custom hardware and software. The networks which ECUs communicate over often do not conform to standards. This means that every vehicle’s ECU and network can be different. This slows down any attacker. Any adversary would need to write a custom exploit for your vehicles components and ECU. This requires time, effort and skill. But once an attacker has found a vulnerable vehicle, any other vehicle that shares that component is also vulnerable. The ECUs and the CAN are sufficiently different in each vehicle, making the required resources of time and skill quite high. Additionally, some mechanical and other security safeguards exist in varying degrees of effectiveness. For example, ECUs require authentication for communication. Something called SecurityAccess is used, which is a challenge response authentication protocol. Unfortunately, relay attacks and reverse engineering can bypass this authentication method rendering it useless. Currently, a high level of resources is required to target specific vehicles or to attack multiple vehicles with different digital components.
- Current Motive - There isn't too much of a reason to invest resources into hacking cars. There is little real financial incentive for criminals and hackers. Only the odd edge case provides motive. Examples of edge cases could include a nation-state wanting to track a political dissident or maybe a well-resourced "organisation" wanting to covertly assassinate someone. There are rumours that assassinations have already happened through cyber attackers on vehicles but nothing has been proven yet.
- Current Opportunity - Older vehicles only have simple ECUs or none at all. Only modern vehicles support features that can be controlled digitally.
Therefore, the chance of your car being hacked today is minimal, unless you happen to upset a well-resourced adversary such as a nation-state!
Future Vehicle Cyber Threats
Vehicles will become increasingly reliant on computerised technology to the point where they are completely controlled by them and self-driven. Self-driving technology is already here and our once mechanical-only car will become a mobile artificial intelligence. As the technology increases, our reliance increases and the need for solid security becomes paramount. Complexity is a nemesis to security. The advances in computerised complexity must be matched with a solid process of building cyber security into vehicles from the ground up. Technologies such as Intelligent Park Assist, radar cruise control, Lane Keep Assist and Pre-Collision System will become standard features like electric windows are today. App stores for vehicles are already here where you can download via mobile networks new automotive applications. In development are vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2X) communications systems, and 5G is planned to be used with self-driving vehicles. All this new technology increases the possible attack surface of your vehicle.
- Future Means - If security is not taken seriously and built from the ground up when designing vehicles, then it will become increasingly easier to hack into vehicles due to standardisation, increased knowledge of how to do it and public exploit kits and research.
- Future Motives - With increased reliance and increased functionality, more and more features will be added to vehicles. Useful confidential information within the vehicle will be standard such as payment, location and personal data. The sort of information you have in your phone or laptop will also likely be available and a target within your vehicle. Well-resourced adversaries, terrorists, law enforcement and nation-states will develop attacks against automotive vehicles for cyber warfare and real warfare. Minimally resourced groups will develop attacks for financial gain.
- Future Opportunity - All vehicles will have sophisticated automation technology making targets ubiquitous.
So unless serious security is built into future vehicles, we can expect a hacker-fest with potentially serious consequences!
What Can You Do to Secure Your Car?
Vehicle and component manufacturers are new to cyber security and it is far from being core to their current business. They need to develop cyber security capabilities but they won't do this unless there is a business reason for it. Physical security and safety are features and benefits that can be understood and sold to customers. Cyber security is less tangible and not yet on the mind of the consumer.
As consumers, if we want more advanced technology integrated into our vehicles, we need to also demand security for this technology. We must start to question the security features that have been built in and then demand it so the industry and governments respond to the demand. Vehicle and component manufacturers will not take cyber security seriously until forced to by consumers or until it becomes a "feature" that can be marketed and sold. Security costs money and money won't be invested unless the need is forced. Standards and laws need to be developed for vehicle cyber security that manufacturers then comply with. We must refuse to buy from manufacturers who cannot demonstrate that they are taking security seriously. Otherwise, we will end up driving vehicles vulnerable to these cyber physical attacks impacting our safety, privacy and security.
What are your thoughts? Add your comments below.