Hacking cars: remote access and other security issues
The saturation of modern cars with electronics is fraught with threats. Researchers have already managed to take control of the braking system by remote methods, organize wiretapping of conversations inside the cabin and do many other dirty tricks.
Linda Melone. Car-hacking: Remote Access and Other Security Issues,
www.computerworld.com
Needs attention
One of the employees of the Texas Auto Center in Austin, dissatisfied with his dismissal, decided to attract the attention of the former employer in a non-trivial way. He hacked into the company's computer network and remotely triggered a vehicle-blocking system that turned off the ignition and triggered horns on more than a hundred vehicles. The autocenter set up such a system to influence customers who were late in payments.
Of course, uncontrolled beeping is annoying, but it is not fatal. But the sudden shutdown of the engine from unsuspecting drivers could have fatal consequences. And although most experts agreed that in this case the risk was not too great, breaking into a car is one of the offenses to which you need to respond appropriately.
As the computerization of vehicles deepens further, observers express concern about the growing number of vehicle vulnerabilities. In theory, hackers could immobilize vehicles, spoof GPS signals, or otherwise endanger employees, customers, and the company in general.
Survey results show that the security and privacy issues associated with connecting cars to a variety of networks are of great concern to consumers. For their part, vehicle manufacturers assure that the addition of new features is based on market requirements and that it is done very carefully.
Modern engines bear little resemblance to those widely used in the past. The original automotive propulsion system consisted of several mechanical devices assembled around an internal combustion engine. But over the past 20 years, cars have evolved into a complex network that includes 50 to 70 independent computers and electronic control units, processing up to 100 MB of binary code.
The electronic control unit measures the amount of oxygen in the exhaust gases and regulates the fuel-to-air ratio in the combustion chamber, which improves engine efficiency and reduces environmental pollution. Over time, such electronic components have been integrated into almost all vehicle components, including airbags, steering, brakes and other real-time systems.
In the mid-1990s. car manufacturers began to equip their products with more powerful electronic control units with peripheral devices connected to them. GM's OnStar system, for example, was a combination of a GPS receiver, an emergency unit, and vehicle recovery tools. Cars equipped with the OnStar system could perform self-diagnostics on the fly, identify faults and alert the driver of breakdowns requiring a visit to a car service.
Electronic control units connected to each other and connected to the Internet, leaving car computers vulnerable to the same digital threats (viruses, Trojans, denial-of-service attacks, etc.) that are now everywhere hitting PCs and other networked devices.
|
|
| AT&T showcased the new Ford Focus Electric at the CTIA Conference in May 2012 in New Orleans. MyFord Mobile, which connects to AT & T's wireless network, allows you to remotely access your machine using standard wireless technologies. Security professionals worry that standard technology will open the door for hackers to compromise vehicle electronic systems. |
Usually, with the help of additional systems, key components of the car are locked in the event of theft and then unlocked after the danger has disappeared. It's not about breaking into a car or creating new functionality that didn't exist before. But this does not mean that this cannot happen in principle. “Through our research, we have shown that software vulnerabilities can penetrate vehicle electronic systems and create completely new functionality that was not previously supported,” said Stephen Savage, professor in the Department of Computer Science and Engineering at the University of California, San Diego.
GM's OnStar service, which helps, among other things, to restore the functionality of a stolen vehicle, is currently the only option of its kind offered by a service provider as standard. However, the range of vehicles that can be blocked by competent intruders is much wider.
The incentive to act insane
A little consolation is that hacking an intelligent system will require a fairly serious investment. And now, instead of organizing a complex computer attack, it is much easier for cybercriminals to use the usual set of master keys.
“The scenario we saw in Austin couldn't have happened with an offline system,” said Dan Bedor, a senior executive at Nissan North America. “Our vehicle control modules are separate systems that are not networked. Therefore, the scope of any break-in is limited to only one vehicle. If 100 cars are immobilized at once, we can confidently talk about the presence of additional equipment or software installed by a service provider. This is exactly what happened in Austin. "
Nevertheless, with vulnerabilities in computer systems of cars, the transition of hijackers from physical penetration to computer penetration is just a matter of time. And the most likely scenario is attacks by disgruntled employees that can cause the most serious damage.
Internal threat
There are two main ways an attacker can theoretically gain access to the internal car network. The first of them involves physical access through any person who is inside the car for a while. An attacker can connect dangerous components to the internal network through the OBD-II (one-board diagnostic) port, usually located under the dashboard. After a short communication session, the malicious program penetrates the electronic components of the vehicle.
Likewise, malicious components can be introduced before the car is sent to the dealer or when the owner of the car purchases additional equipment (such as a music system or an alarm).
Savage demonstrated software that, having seized control of a car, accessed the attacker's servers via the Internet for further instructions. After that, the attacker can perform any operations he wishes: block the car, listen in on conversations inside the passenger compartment, turn on the brakes, etc.
Access can also be obtained through wireless interfaces. "Cars are now not only being equipped with a large number of internal computing devices, but are also beginning to increasingly venture out into the outside world," said Franziska Resner, a researcher at the University of Washington's security and privacy laboratory.
Hacking BMW via diagnostic port
Theft of BMW cars in the UK has risen after thieves discovered how to bypass the alarm system. With the help of devices connected to the OBD port, attackers program blanks for key fobs and keys, and then drive away the stolen cars.
Analysis shows that all thefts are committed in the same way. After entering the car through a broken window or by installing an electronic jamming station in the immediate vicinity of it, blocking the signal from the key fob and preventing the car from being armed, thieves connect to the OBD-II connector. Then they get a unique digital key ID, program their own key fob, insert the key and steal the car.
According to Gavin Ward, BMW's UK media relations manager, the company is aware of this and is therefore looking for ways to protect against such a breach. Through the specified gap in the security system, you can get into any BMW model, from the first to the X6.
Studies have shown that the OBD-II port has become the main entry point for intruders into the computer system of a car. Through this port, they gain access to the buses of the main network controllers, as a result of which they are able to subordinate all the components of the car to themselves in full.
Hackers can also infect car computers with malicious code through a music disc or song file that suddenly comes to life on an iPod or other player. Another option is associated with the installation of a program that attacks the car's multimedia system when it is connected to the Internet.
«В настоящее время Интернет рассматривается лишь как гипотетически уязвимое место, – сообщила Реснер. – В ходе наших исследований мы записали зловредный файл на CD, и он проник внутрь системы через уязвимость в аудиокомпонентах. Таким образом, было доказано, что хакеры, имеющие доступ к автомобильной сети, способны установить полный контроль над большинством компьютерных компонентов машины. Это позволит им совершать самые разные опасные действия, в частности, отключать тормоза и световые приборы. Мы показали также, что атакующие могли бы использовать обнаруженные уязвимости, для того чтобы вести шпионскую деятельность. В качестве примера здесь можно привести извлечение конфиденциальных данных GPS из системы с последующей отправкой их заинтересованным лицам. А если хакер сумеет перепрограммировать компьютерную противоугонную систему, автомобиль без особого труда в любой удобный момент можно будет похитить».
Most of the risks are associated with an increase in the number of computer-controlled components that are not available for manual control, as well as with connections to the outside world via the Internet or wireless communication channels.
Law enforcement transport
Attacks on law enforcement vehicles pose a threat to the lives of both police officers and bystanders. In June, the Arizona Public Safety Directorate fell victim to hundreds of confidential law enforcement files on the Internet in protest against a new law it deemed racist.
In the attack, the hackers seized the accounts of Arizona state and law enforcement officials and released their credit card information, photos, emails, and documents, including lists of addresses, names, and passwords of other Arizona police officers.
“If attackers gain access to our vehicles by hacking into, say, our GPS system, many officers are in real danger,” said Stacy Dillon, spokeswoman for the Arizona Public Safety Department. "And in the event of a failure of the GPS system, the reserve vehicles will not be able to quickly reach their destination."
The police department is already taking certain security measures. So, if a patrol car stands still for 45 minutes for any hour, the system automatically issues a corresponding signal to the dispatchers, and they already contact the crew.
|
|
| The May 2012 show in Hong Kong featured the $ 515,000 Jaguar XJ Ultimate luxury sedan with an iPad attached. Some observers fear that it is through this computer that cybercriminals will be able to penetrate the electronic systems of the car. |
Rick Perin, vice president of the Mesa Police Union, agrees that hackers can stop police cars. “Our vehicles use a GPS map that is constantly updated,” he explained. “Among other things, it informs the dispatcher where the patrol car is. Interfering with the GPS system can send the crew to a completely different part of the city, putting their comrades in danger. "
"Hackers are most likely to infiltrate through ancillary products," said André Weimerskirch, CEO of embedded security company Escrypt. “Therefore, it is very important for business owners who use assistive technology to equip their fleet with, say, GPS systems, it is very important to think carefully about all safety-related issues from the very beginning.”
Ancillary products work in a similar way to the remote engine start system that is often found in auto dealerships. Remote start tools compromise the integrity of the anti-theft system and make it easier for attackers to steal your vehicle.
Threats are known, but not too urgent yet
“Indeed, we can remotely lock the brakes of a car thousands of kilometers away from us, but this danger is now not obvious and not so obvious,” said Savage. - Hacking of this kind requires a lot of financial and time costs. To begin with, the attackers will have to purchase a car similar to the one they intend to hack. There must be good enough reasons for that - hardly anyone will undertake to solve such a problem for free. And given how much money and time will have to be spent, I don’t think the current threat is that urgent. ”
Despite the fact that the danger of hacking cars is not yet very acute, manufacturers pay serious attention to relevant research. “All the manufacturers we have information about are now spending more energy and resources on safety research than they did in the past,” Savage said. "True, the situation is complicated by the fact that no one thought about it before."
The good news is that car manufacturers quickly got their bearings and began to apply the same techniques that are used in the PC industry. They repair identified security holes, implement integrated code launch prevention tools, and other hacking countermeasures. However, to obtain the expected economic effect, much needs to be standardized.
The industry's main standards body, the Society for Automotive Engineers (SAE), is trying to implement safety measures based on work that has already been done. But since there are so many different components involved, it takes time to get the right results.
What's next
Research has shown that diagnostic tools used by auto repair shops are a potential source of attacks. These tools can be applied to exploit vulnerabilities in vehicles. Therefore, owners need to exercise caution when allowing unauthorized access to the OBD-II diagnostic ports of their vehicles.
In addition to individual auto companies, the US Department of Transportation is also showing interest in this issue. The United States Council for Automotive Research (USCAR) and SAE have already formed working groups dealing with vehicle computer security.
“Now is the right moment to thoroughly analyze this problem and think about possible ways to resolve it,” said Savage. - So far, car manufacturers and owners have no reason to panic. We are in close contact with the automotive industry and are committed to moving forward on related issues. Obviously, in five to ten years the situation here will become clearer. "
.jpg)
.jpg)
