Solution Overviews

Datasheet: Mitigating Automotive Cyberattacks

Issue link:

Contents of this Issue


Page 1 of 3 2 © 2019 Irdeto. All Rights Reserved. Instrument cluster attacked to roll back odometers. In April 2019, it was discovered that over 1.6 million cars had odometers that had been rolled back. Using an inexpensive electronic device to hack into the car's computer, a technician demonstrated that he could erase 100,000 miles in less than 30 seconds. Such an attack could not only artificially inflate the value of a vehicle, but the erased history could impact the vehicle's warranty and safety. Secure Environment includes a system-wide anti-debug feature. Attackers would not have been able to use the device to hack into the system without first spending a lot of effort trying to defeat the anti-debug feature. Additionally, any binaries modified, either in-memory or on-disk, are disallowed, making any data modification intrusion difficult. Sniffing CAN to add new features. In May 2019, a research-based hacker used a PCAN- USB adapter to connect to the car's OBD-II port. He shifted into and out of reverse to observe which messages were transmitted on the network. By identifying and injecting the right message, he was able to hack in a forward-looking camera no matter what gear the car was in. Secure Environment (SE) allows OEMs and Tier 1s to add access protection to their resources during integration time; for example, the CANBUS. Customers can define the resources (files, dev_node, etc.) and what can access them. SE's telemetry events report for all security events can detect the early research phases and allow a response. Furthermore, SE's partner, SafeRide, provides extensive monitoring of the CANBUS. Crashed Tesla vehicles expose personal data. In March 2019, a security researcher extracted unencrypted video, phonebooks, calendar items and other personal data from crashed Tesla vehicles that are sold at junkyards and auctions. Cloakware Software Protection (CSP) offers whitebox encryption and transformation technology, as well as unique secure storage for personal data. Even if the data remained in the re-sold vehicles, it would not be easily accessible or understandable. New cars found to be vulnerable to keyless entry hacking. In March 2019, a research group ranked new cars on how vulnerable their keyless solution is. Six of the 11 tested were ranked as 'poor.' Vulnerability to relay attacks was specifically mentioned as lacking. Keystone addresses relay attacks as well as other common attack approaches, including Man-in-the-Middle and Man-at-the-End attacks. It also protects common entry points such as BLE, Wi-Fi, debugging ports and ECU updates. U.S. Army's armored vehicles have been hacked. A February 2019 Pentagon report shows that unspecified adversaries disrupted certain systems on armored vehicles via a cyberattack. While details of the cyberattack were not reported, it seems likely that the attacks affected the vehicle's data-sharing, navigation, or digital communications capabilities. Secure Environment would have ensured these applications were not tampered. On May 22, 2018, Tencent Keen Security Lab released an "Experimental Security Assessment of BMW Cars". They discovered vulnerabilities of varying severity. Their success path followed a general flow of attacks that leverage physical access, as shown on the right. While this study focuses on a particular vehicle type and success path, it is only one example of the many approaches that threaten connected transportation. The methods used and available Irdeto mitigations discussed are not limited to this specific case. Gaining root shell via a local interface yields …more access to the details of implementation of the remote services running on the target which yields …the discovery of a remote vulnerability in the target and development of the exploit in-situ thanks to the root shell; which ultimately yields …the ability to deploy an exploit remotely and at scale A CASE STUDY: HOW DIFFERENT KEEN SECURITY LAB'S SECURITY ASSESSMENT OF BMW CARS WOULD HAVE LOOKED IF IRDETO SECURE ENVIRONMENT AND SOFTWARE PROTECTION HAD BEEN APPLIED.

Articles in this issue

Links on this page

view archives of Solution Overviews - Datasheet: Mitigating Automotive Cyberattacks