Cybersecurity has historically been a game of catch-up. New technologies are introduced without concern for cybersecurity protection. Customers begin adopting new systems, and hackers discover ways to attack the systems by exploiting weak or non-existent security controls. Manufacturers then attempt to layer security solutions, if possible, or install security in subsequent product releases. We see this trend with early connected mainframe computers, PCs, websites, wearable devices, industrial, and medical systems.
Today’s cars are no exception. Modern cars rely on complex and interrelated collections of systems, including braking, power locks, steering, entertainment, window controls, and so on.
In addition to these core control capabilities, next-generation cars add autonomous driving and ADAS features to this complexity.
451 Research reported that adoption of connected car services continues to increase, up five percentage points YoY, from 23% in Q1 2019 to 28% in Q1 2020. With increased services use comes increased risks. The number of electronic control units (ECUs) in vehicles is exploding, and new communication interfaces are being added, presenting a rich field of opportunities for hackers.
Security failures in connected cars
Researchers, white hat hackers, and cybercriminals have all mounted successful attacks against cars. Security researchers Charlie Miller and Chris Vilsack first put the auto industry on notice regarding the importance of cybersecurity by exposing critical security vulnerabilities in the remote connection capability of a Chrysler Jeep vehicle system back in 2015 and 2016. Since then, a parade of attacks has shown just how vulnerable our cars can be.
Attacks against a Tesla auto-navigation system highlight the dangers of insecure ECUs, as revealed in a report published by Tencent’s Keen Security Lab in which researchers described how they were able to take over the Tesla’s autopilot ECU in attacks that could have resulted in loss of control of the vehicle.
However, attacks are not limited to researchers. According to Upstream, black hat hackers now account for almost 75% of automotive security incidents. Automotive cybersecurity incidents to date have been limited to attacks against individual vehicles and back-end systems, but there is concerning potential for fleet-wide attacks to create large scale disruptions or ransomware attacks.
For example, consider the consequences of bad actors being able to install malicious firmware on a fleet of vehicles, disabling or remotely controlling the entire fleet. The ransomware would not have to cause vehicles to lose control while driving to be effective; it could simply limit vehicle speed to 5 mph or cause vehicles to not start. If an entire line of vehicles were infected, hackers could potentially extract a large ransom from an automaker.
Protecting cars from day one
Security must start early in the design and specification process. Autonomous and connected vehicle component developers are rolling out new technologies at lightning speed, and security must not be an afterthought.
Currently, the automotive industry lacks worldwide standards to ensure that every device (including car components) is known, authentic, and secure. Connecting a car to the internet happens via chips and code, but despite the critical nature of these components, manufacturers all too often have no visibility into their own supply chain and remain unaware if the open-source code they are using contains malicious elements or if the selected chip is appropriately authenticated to guarantee its safety.
This lack of knowledge means security weaknesses could be present in sub-systems even before they are installed into a vehicle.
Strong embedded security solutions exist
One paramount aspect of security for the automotive industry is ensuring the authenticity of all components throughout the entire supply chain. Manufacturers and suppliers can use PKI-based digital certificates for this purpose. Issued by a trusted Certificate Authority, certificates can be inserted into ECUs to confirm that the component is authentic. In a sense, a digital certificate is like a valid number plate for an IoT device. And like number plates, no car should be allowed on the road without one.
In addition to certificates, an increasing number of auto manufacturers are layering security technologies, such as embedded firewalls, secure boot, and secure firmware updates, into ECUs.
Embedded firewalls enable automotive ECU suppliers to enforce filtering rules and detect anomalies in network communications to prevent cyberattacks. Secure boot ensures that the firmware and software running on the car is authentic and has not been modified by hackers. And secure firmware updates allow car manufacturers to patch the firmware for security updates and to add new features via over-the-air updates. Together, these security technologies maximize driver safety and help prevent the loss of intellectual property, disruption of services, and the proliferation of an attack to other systems.
Industry groups have proposed more stringent security requirements for modern vehicles, but vehicle makers are still lagging in their efforts to build strong security into vehicles. Until security technologies are the norm and not the exception, ad hoc security implementations leave the door open for hackers targeting vehicles.
With an ever-increasing number of connected vehicles hitting the road, addressing blatant security failings—now—is imperative. Manufacturers shipping new vehicles should be held accountable for the safety of their product, and resilience to cyberattacks should be an essential factor in their quality controls.
Automobiles are an essential part of our lives. Imagine what could happen if a cyberterrorist took control of a moving vehicle, or the financial damage that could ensue if a bad actor was to hack an entire fleet of vehicles and prevent them from operating unless a suitable ransom was paid?
When adding new electronic components and features to a complicated device like a car, it is imperative that the system developers ensure the vehicle is resilient to common attacks and includes multiple layers of security. Anything less is simply not good enough—especially for the next generation of smart, autonomous vehicles.