Automotive Cybersecurity Risks – Expect the Unexpected
They See Me Rollin:
Modern vehicles rely on computers for all their core functions. Modern vehicles are equipped with an Engine Control Module (ECM), or an Engine Control Unit (ECU), a Transmission Control Module (TCM), although this is only relevant for automatic gearboxes, and more modern cars use a Power Terrain Module (PCM), a combination of the ECU and the TCM, which increases the efficiency and the output of the vehicle.
While these computers help us drive, increase safety protocols, improve fuel efficiency, they are vulnerable to cyber-attacks. There are currently 237 million connected cars on the street, a figure expected to reach 400 million by 2025. These numbers indicate an enormous number of potential targets for malicious actors.
Cyber-attacks Fast and Furious style, where all the cars in a city are hacked at once and get dropped from parking lots, are great for cinematic effect, but not necessarily realistic. However, several security researchers have shown what a cyberattack on a car would look like in the real world. For example, in 2015, Charlie Miller and Chris Valasek famously took control of a Jeep Cherokee remotely, nullifying the driver’s attempts to regain control of the vehicle. More recently, in January 2022, a 19-year-old teenager, David Colombo, hacked into 25+ Teslas across the planet, remotely unlocking doors and windows and initiating keyless driving.
While these were tests carried out by security researchers, state-sponsored actors could exploit car vulnerabilities to their advantage, and there are several ways to do so. One such way could be through infecting another state’s car diagnostic device supply chain.
Nowadays, mechanics run all their tests through a car diagnostic device, like Autel® MP808K, or Launch® X431 V Plus, to identify various problems with a car. These highly specialized computers can indicate whether a suspension needs to get recalibrated; if the axel is not in line; or when the headlights are too dim. Car diagnostic devices determine the exact issue, reducing costs and operation times.
However, one significant risk is that a car diagnostic device can get manipulated at some point in the supply chain. An attacker can pose as an employee and infiltrate the production line, taking the car diagnostic device apart and planting a Raspberry Pi inside, or spoofing the cables that connect the device to the car. These hardware attack tools allow the perpetrator to compromise a car’s firmware through the car diagnostic device, allowing them to take complete control over the vehicle. To add to the risk, Rogue Devices operate on Layer 1, enabling them to bypass existing security solutions, such as NAC, EPS, IDS, or IoT Network Security. In other words, the victim won’t know they’re suffering from a hardware-based attack until it’s too late.
Let’s look at an example of a state-sponsored actor carrying out a hardware-based attack on a car diagnostic device. Say tensions are rising between “Fakeistan” and “Madeupistan”; the former could pay a hardware-based hacking group to infiltrate the latter’s manufacturing warehouses. Here, the bad actor will replace the diagnostic device’s connecting cables with spoofed ones that compromise a vehicle’s firmware. But why would Fakeistan want to conduct such an attack on its adversary? Well, by gaining control over vehicles, Fakeistan could cause car accidents across Madeupistan, resulting in physical injuries, chaos, and fear that, in itself, are a threat to national security.
However, on top of that, emergency vehicles could get targeted in the same way. Now, not only are civilian cars getting taken over, but the very services needed in such a scenario are unavailable; ambulances cannot intervene, and police cannot provide emergency assistance. By undermining national security on such a large scale, Fakeistan could gain an upper hand over its adversary. Going even further, Fakeistan could use the opportunity to launch a direct invasion into Madeupistan, with no emergency vehicles available and streets jammed by car accidents making it extremely challenging to put up a strong defense.
Ride With Me:
As cyberwarfare proliferates, state-sponsored actors are exploiting all possible attack vectors, making the above scenario all the more likely. Tackling the manipulation of a car diagnostic device through hardware attack tools requires visibility on Layer 1. Sepio’s Hardware Access Control (HAC-1) solution provides a panacea to gaps in device visibility by covering Layer 1. In doing so, customers benefit from complete asset visibility – no device goes unmanaged; the solution identifies, detects, and handles all IT/OT/IoT devices. Moreover, HAC-1’s policy enforcement mechanism and Rogue Device Mitigation capabilities instantly block any unapproved or rogue hardware, enabling a Zero Trust Hardware Access approach, which stops attackers at the first line of defense.
HAC-1 requires no hardware resources and does not monitor any traffic; within 24 hours, we can provide you with complete asset visibility and identify previously undetected rogue or vulnerable devices. Think of HAC-1 as a diagnostic device for a diagnostic device.