Automotive hacking
Automotive hacking includes the exploitation of vulnerabilities within the software, hardware, and communication systems of automobiles.
Overview
Modern automobiles contain hundreds of on-board computers processing everything from vehicle controls to the infotainment system. These computers, called Electronic control units (ECU), communicate with each other through multiple networks and communication protocols including the Controller Area Network (CAN) for vehicle component communication such as connections between engine and brake control; Local Interconnect Network (LIN) for cheaper vehicle component communication such as between door locks and interior lights; Media Oriented Systems Transport (MOST) for infotainment systems such as modern touchscreen and telematics connections; and FlexRay for high-speed vehicle component communications such as active suspension and active cruise control data synchronization.[1]
Additional consumer communication systems are also integrated into automobile architectures. These include Bluetooth for wireless device connections, 4G Internet hotspots, and vehicle Wi-Fi.
The integration of these various communications and software systems leaves automobiles vulnerable to attack. Security researchers have begun demonstrating the multitude of potential attack vectors in modern vehicles, and some real-world exploits have resulted in manufacturers issuing vehicle recalls and software updates to mobile applications.
Manufacturers, such as John Deere, have used computer systems and Digital Rights Management to prevent repairs by the vehicle owners, or by third parties, or the use of aftermarket parts.[2] Such limitations have prompted efforts to circumvent these systems, and increased interest in measures such as Motor Vehicle Owners' Right to Repair Act.
Research
In 2010, security researchers demonstrated how they could create physical effects and undermine system controls by hacking the ECU. The researchers needed physical access to the ECU and were able to gain full control over any safety or automotive system including disabling the brakes and stopping the engine.[3]
In a follow-up research paper published in 2011, researchers demonstrated that physical access is not even necessary. The researchers showed that “remote exploitation is feasible via...mechanics tools, CD players, Bluetooth, cellular radio...and wireless communication channels allow long distance vehicle control, location tracking, in-cabin audio exfiltration and theft”.[4] This means that a hacker could gain access to a vehicle's vital control systems through almost anything that interfaces with the automobile's systems.
Recent exploits
Fiat Chrysler UConnect
UConnect is Fiat Chrysler's Internet-connected feature which enables owners the ability to control the vehicle's infotainment/navigation system, sync media, and make phone calls. It even integrates with the optional on-board WiFi.[5]
However, susceptibilities in Fiat Chrysler’s UConnect system, available on over 1.4 million cars, allows hackers to scan for cars with the system, connect and embed malicious code, and ultimately, commandeer vital vehicle controls like steering and brakes.[6]
General Motors OnStar RemoteLink App
The OnStar RemoteLink app allows users the ability to utilize OnStar capabilities from their Android or iOS smartphones. The RemoteLink app can locate, lock and unlock, and even start your vehicle.[7]
The flaw in General Motors’ OnStar RemoteLink app, while not as extreme as UConnect, allows hackers to impersonate the victim in the eyes of the RemoteLink app. This means that the hackers can access all of the features of the RemoteLink app available to the victim including locating, locking and unlocking, and starting the engine.[8]
Keyless entry
Samy Kamkar has demonstrated a device that captures signals from keyless entry fobs and allows the attacker to unlock the doors and start the engine of the owner's car.[9]
References
- ^ Petit, J., & Shladover, S. E. (2015). Potential cyberattacks on automated vehicles. IEEE Transactions on Intelligent Transportation Systems, 16(2), 546-556. doi:10.1109/TITS.2014.2342271
- ^ Automakers Say You Don’t Really Own Your Car on eff.org (April 2015)
- ^ Koscher, K., Czeskis, A., Roesner, F., Patel, S., Kohno, T., Checkoway, S., ... & Savage, S. (2010, May). Experimental security analysis of a modern automobile. In Security and Privacy (SP), 2010 IEEE Symposium on (pp. 447-462). IEEE.
- ^ Checkoway, S., McCoy, D., Kantor, B., Anderson, D., Shacham, H., Savage, S., ... & Kohno, T. (2011, August). Comprehensive Experimental Analyses of Automotive Attack Surfaces. In USENIX Security Symposium.
- ^ http://www.autotrader.com/car-tech/what-is-chrysler-uconnect-215353
- ^ Greenberg, A. (2015, July 21). Hackers Remotely Kill a Jeep on the Highway-With Me in It. Retrieved August 6, 2015.
- ^ https://www.onstar.com/us/en/services/remotelink.html?source=ct
- ^ Finkle, J., & Woodall, B. (2015, July 30). Researcher says can hack GM's OnStar app, open vehicle, start engine. Retrieved August 27, 2015.
- ^ This 'Gray Hat' Hacker Breaks Into Your Car — To Prove A Point