Skip to 0 minutes and 13 seconds What are the most hackable attack surfaces? Within a modern car’s network of features there are many ‘entry points’ that could be utilised by an attacker to gain wider control over vehicle systems.
Skip to 0 minutes and 22 seconds Bluetooth connectivity: Most of the vehicle’s these days have Bluetooth functionality built in to synchronise devices, enable multimedia playback and telephony systems. There are two types of attacks that could happen using Bluetooth via paired or non-paired devices.
Skip to 0 minutes and 41 seconds The on-board diagnostic port 2 (or OBD 2): Since 1996, it has been mandatory by law for every vehicle to have an OBD2 port installed. As its name suggests, it is used for diagnostics in vehicle malfunctions. When the OBD port was designed, the security of the in-vehicle networks was not a priority, as its initial job was to provide data for emission control. However, with the advancement of technology as well as with an increase in the number of electronic controller units used in in-vehicle networks, OBD began to do more than what it was initially designed for and this led to the OBD2 port being easily abused to record or alter the in-vehicle communications between ECUs.
Skip to 1 minute and 32 seconds Tire pressure monitor system (or TPMS): These sensors constantly measure tyre pressure in each tyre. Research has shown that it is possible to manipulate the readings of these sensors by compromising their ECU.
Skip to 1 minute and 46 seconds Remote keyless entry or RKE: RKE uses a short-range radio transmitter which communicates with the vehicle by sending identification information to it for authentication. There have been cases when an attacker outside of a victim’s house could amplify the signal coming from their car keys within and fool a victim’s car that the key is closer, allowing the car to be unlocked and driven. driven
Skip to 2 minutes and 13 seconds Wifi: Many vehicle’s contain cellular based internet connections for system updates etc. This connection could be used to create a wifi hotspot that an attacker could use to launch an attack.
Skip to 2 minutes and 28 seconds The telematics unit TU: Most vehicle’s these days contain cellular radio, termed as a telematics unit, which they use to connect the vehicle to a cellular network. All multimedia related activities like media playback and navigation are performed through it. This technology is used for the vehicle to interact with communications from a wider infrastructure and to communicate them to a passenger. Many researchers have exploited vulnerabilities within the TU, for example Charlie Miller and Chris Valsak exploited the in-vehicle radio system and thus established that attacking the telematics unit, could also open a back door into the vehicle’s network.
What are the most hackable attack surfaces?
Watch the above video in which some of the potential entry points for an attacker are explained. These are also listed below.
Bluetooth (BT): OBD-2 connected Bluetooth dongle or built-in on-board Bluetooth for diagnosis. Aftermarket OBD-2 Bluetooth dongles are available to purchase. Most of these dongles do not have secure protection of firmware, which makes them vulnerable to be hacked and used to control in-vehicle networks.
On-board diagnostic port (OBD): Since 1996, it is mandatory by law for every vehicle to have an OBD port installed, which is used for diagnostics in vehicle malfunctions.
Tyre pressure monitor system (TPMS): There is a pressure sensor to measure the tyre pressure constantly attached in every tyre. It is possible to manipulate the readings of a sensor by compromising its ECU.
Remote keyless entry (RKE): RKE has a short-range radio transmitter that communicates with a vehicle by sending identification information to it for authentication. There have been several cases in the UK where a vehicle hacker has managed to amplify the key signals that are inside the house to gain access to the vehicle outside.
Wifi: Some vehicles contain cellular-based internet connections that could be used as a wifi hotspot.
Telematics unit (TU): Most vehicles these days contain cellular radio – known as a telematics unit – to connect the vehicle to a cellular network. This technology is used for vehicle-to-person/infrastructure communication. Many researchers have exploited vulnerabilities of TU and remote access, and controlled TU without user involvement (Checkoway et al. 2011).
As mentioned above and in the video, since 1996 it is mandatory by law for every vehicle to have an OBD port installed. Explain why this is so important.
Checkoway, S., McCoy, D., Kantor, B., Anderson, D., Shacham, H., Savage, S., Koscher, K., Czeskis, A., Roesner, F., and Kohno, T. (2011) Comprehensive Experimental Analyses of Automotive Attack Surface [online] available from http://www.autosec.org/publications.html [29 October 2019]