Trend Micro participated in the 2019 edition of Connected & Autonomous Vehicles, which was co-located with Internet of Things World. At the event ? held from May 14 to 16 in Santa Clara, California, with more than 300 exhibiting companies and over 12,500 visitors ? Trend Micro highlighted the security risks of connected cars.
Attack Vectors of Connected Cars
Spencer Hsieh, a security researcher at Trend Micro, talked about the security risks of connected cars. He discussed the kinds of devices that are susceptible to cyberattacks. He emphasized that devices can be targeted by attackers if they are remotely accessible and have access to the Controller Area Network (CAN) bus, which is used as the internal network that allows different electronic components to communicate with one another within a car. In his presentation, titled “Security Risks of Connected Cars: Exploring the Attack Surface of Connected Cars and How to Stop Attacks,” he identified in-vehicle infotainment (IVI) systems and on-board diagnostics (OBD-II) dongles as the most vulnerable devices, and showed how they can be hacked.
Spencer Hsieh, a security researcher at Trend Micro, presenting “Security Risks of Connected Cars: Exploring the Attack Surface of Connected Cars and How to Stop Attacks”
Hacking an In-Vehicle Infotainment (IVI) System
A modern IVI system is the central hub for connected cars: It provides various kinds of connecting technologies such as Bluetooth, Wi-Fi, and 3G/4G cellular networks, allowing cars to connect with outside networks. Its network-connecting abilities make an IVI system accessible remotely and thus a potential target for hackers.
Trend Micro’s demonstration showed how to hack an IVI system with the following scenario:
- A fake Wi-Fi hotspot is set up.
- The web connection is hijacked and a fake system update page is delivered.
- The user is induced to allow the system update to be installed so that an application is downloaded and installed on the IVI system.
- The installed application calls back to a command-and-control (C&C) server set up by the attackers.
- Commands are remotely issued to the application and the CAN bus messages are sent to control the electronic control units (ECUs) of the car.
Hacking an On-Board Diagnostics (OBD-II) Dongle
Designed for self-diagnosis of vehicle problems, OBD-II allows vehicle owners or technicians to access the status of and assess issues with vehicles. Some OBD-II devices can function as Wi-Fi hotspots for their 3G/4G networks, and some vendors use OBD-II and Bluetooth to provide devices that can allow users to check and even adjust their vehicles through their smartphones. The abilities to access the CAN bus and communicate wirelessly with other devices or access the internet expose these OBD-II devices to security risks.
Trend Micro’s demonstration showed how an OBD-II dongle can be hacked with the following scenario:
- A copy of malicious firmware, which has additional functions to accept commands from a malicious application and send messages to the CAN bus to lower the windows of a car, is prepared.
- A new Android application that has the capability to pair with a dongle and install the firmware update package on the paired dongle is created.
- Commands are issued to the dongle, asking it to send CAN bus messages to lower the windows of a car, thereby allowing malicious actors to steal valuables in the car.
For more information about Smart Car Related News from Trend Micro: https://www.trendmicro.com/us/iot-security/news?category=connected-car
IVI systems and OBD-II dongles both have wireless connecting capabilities and have access to the CAN bus. These two characteristics introduce security risks that can allow attackers to remotely control hardware components in a connected car. To address the security issues, vendors must be aware of these risks and dedicate more resources to securing their products, considering the following:
- CAN bus protection
- Safeguarding of firmware update mechanisms
- Implementation of security features
- Security auditing
For more information about IoT Security Solutions for Automotive: https://www.trendmicro.com/us/iot-security/iot-solutions/connected-car