THE HACK: A car’s telematics system, which can notify police in the event of a crash, remotely disable a stolen vehicle, and offer diagnostic information to customers, can also interface with multiple vehicle systems. Therefore, after gaining access to the telematics system, it’s possible to control the systems connected to the CAN bus. A hacker could, for example, disable a car’s ignition the same way an anti-theft system would.
THE DEFENSE: To demonstrate this kind of hack, researchers had to master and reverse-engineer an entire telematics system. Still, forward-looking automakers are already beefing up the security of external communications and in-car networks. OnStar, for example, has a “white list” of approved computers that are allowed to connect with cars.
MP3 MALWARE
THE HACK: Naughty boy. You downloaded your Odd Future tunes from an unauthorized file-sharing service. Little did you know that version of Goblin contains code that battles its way to your car’s CAN bus and disables your brakes.
THE DEFENSE: As infotainment systems gain functionality, carmakers are shielding them from more vital components without jeopardizing vehicle integration. “We harden all our safety-critical systems,” says OnStar’s security chief Gassenfeit. GM’s newer cars, such as the 2011 Chevy Volt, verify any data sent between two systems the same way online retailers process credit cards.
UNAUTHORIZED APPS
THE HACK: Just as smartphone manufacturers have app stores in which thousands of programs developed by third-party companies are available for download, carmakers are expanding their infotainment offerings through downloadable software. If a rogue app contains malware or a virus, however, it can infect your car without your knowledge.
THE DEFENSE: Carmakers are very strict in selecting which apps make it onto their systems. Ford’s MyFord Touch and Toyota’s Entune allow only a handful of preapproved programs, while GM’s MyLink goes so far as to route all software through remote servers so that users won’t inadvertently install infected apps on their cars.
OBD-II
THE HACK: The researchers at CAESS wrote a program that searched for and exploited vulnerable communications points where vehicle systems interface. They installed that program onto the car’s CAN bus through the OBD-II port. Once on the network, the program could control every system from the windshield wipers to the brakes. This is the most direct way to hack a car, as it sends code directly to the CAN bus.
THE DEFENSE: Until recently, most of the data sent among vehicle systems had not been encrypted, leaving cars wide open for enterprising hackers. Now, carmakers are starting to adopt routine security protocols from the information-technology field, such as protecting files with digital signatures. “What’s pretty much standard IT is now being applied to the automotive sector,” says Gassenfeit.
DOOR LOCKS
THE HACK: In most modern cars, the power-locking mechanism is connected to other vehicle systems so that doors can lock automatically when a car is put into drive and unlock if the airbags have been deployed or the keys are locked inside. That interconnectivity, theoretically, means that the locking mechanism can be breached to access other systems. If accelerating can engage a car’s power locks, a skilled hacker could use the power locks to force that car to accelerate.
THE DEFENSE: Infotainment and onboard diagnostic systems are still linked by a physical connection to the module that controls functions such as steering and braking, but on some systems, such as Ford’s, that connection goes only one way. “The only thing we allow is for the real-time module to send messages in one direction,” says Ford’s Strader.
KEY FOB
THE HACK: It sounds like one of those warnings that shows up in chain e-mails every few months, except it’s true. A wireless key fob is supposed to unlock and/or start the car only when the person holding the key-fob is directly next to the vehicle or already sitting inside. However, Swiss researchers have found a way to intercept and extend the signal up to 30 feet with parts that cost less than $100. The setup doesn’t replicate the signal—it just extends its range so the car thinks the key fob is closer than it actually is.
THE DEFENSE: There’s not much a car manufacturer can do here. These hackers haven’t broken the key fobs’ encryption in any way—they’ve just extended its range with a radio repeater. So keep an eye out for anyone loitering in a parking lot and holding a homemade antenna.
Topic: How cars security are exploited and counter measures-- must read for car owners (Read 1668 times)
