Connected cars: open road for hackers

As computers increasingly control vehicles, among other critical devices and systems, the potential for malfunction or manipulation that causes human harm rises dramatically.

Tags: FireEye (www.fireeye.com)Internet of Things
  • E-Mail
Connected cars: open road for hackers A vehicle’s increased connectivity, ever-expanding attack surface, and high upfront cost make them attractive ransomware targets, Abukhater observed.
By  Mohammed Abukhater Published  July 19, 2017

The functions of most of the vehicles on the road today are controlled by software that accepts commands from a diverse array of digital systems, designed to make a consumers life easier.

However, this software contains millions of lines of code, and in these lines of code there may be vulnerabilities that can be exploited by individuals with malicious intent. The acceleration of the “Internet of Things” (IOT) revolution has increased the connectivity of passenger vehicles, which is likely to impact average consumers significantly.  Unfortunately, as consumer demand drives ever more features, the opportunities for compromise will increase as well.

The scourge of ransomware has so far affected thousands of systems belonging to individuals, hospitals, and police stations. A vehicle’s increased connectivity, ever-expanding attack surface, and high upfront cost make them attractive ransomware targets. In contrast to ransomware that infects ordinary computer systems, vehicles are more likely susceptible to ransomware attacks when their disablement causes knock-on effects.

For example, where a single driver might be able to reinstall his car’s software with the help of a mechanic to remedy a ransomware infection, a group of vehicles disabled on a busy highway could cause far more serious disruption. Victims or municipal authorities may have little choice but to pay the ransom to reopen a busy commuting route. Alternatively, a logistics company might suddenly find a large portion of its truck fleet rendered useless by ransomware. The potential for lost revenue due to downtime might force the company to pay the ransom rather than risk more financial losses.

One effective law enforcement tactic in countering cyber espionage and criminal campaigns is identifying, locating and seizing the systems threat actors use to route malicious traffic through the Internet. Since many modern vehicles can be better described as a computer attached to four wheels and an engine, their mobility and power present challenges to this means of countering threat activity.

Locating vehicles used to route malicious traffic would present a major challenge to law enforcement investigation, largely due to their mobility. We have not yet observed threat actors using connected vehicle systems to route malicious traffic, but it is most likely that a vehicle would be used as a final hop point to the intended target network. The perpetrators may use the vehicle only once, choosing to hijack the connectivity of a different vehicle on their next operation, and so on. This ever-changing roster of potential last-hop nodes situated on highly mobile platforms may allow threat actors to elude law enforcement for extended periods of time.

These new risks point to the need for automotive manufacturers and suppliers to not only ensure the traditional operational safety of their vehicles, but to also secure both the vehicle’s operations and occupant privacy.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code