Car Industry In Crisis Over AI and Hackers

In many instances, researchers and engineers have found ways to hack into modern, Internet-capable cars, as has been documented and reported several times.

One famous example is the Chrysler Jeep hack that researchers Charlie Miller and Chris Valasek discovered. This hack and those that have come before have mostly been reliant on specific vulnerabilities in specific makes and/or brands of cars. And once reported, these vulnerabilities were quickly resolved.

But what should the security industry’s response be when a hack is found that is not only successful in being able to drastically affect the performance and function of the car, but is also stealthy and vendor neutral? Enter the hack that does just that, one that has been discovered and proven to be effective by the collaborative research efforts of Politecnico di Milano, Linklayer Labs, and Trend Micro's Threat Research (FTR) team.

It is currently indefensible by modern car security technology, and to completely resolve it would require broad, sweeping changes in standards and the ways in-vehicle networks and devices are made.

Realistically, it would take an entire generation of vehicles for such a vulnerability to be resolved, not just a recall or an OTA (on-the-air) upgrade. Here are some anticipated initial questions and answers:

Another “car hacking” proof of concept? What’s new about it?

What’s new is that it’s an attack that disables a device (e.g., airbag, parking sensors, active safety systems) connected to the car’s device network in a way that is invisible to state-of-the-art security mechanisms.

What is the main takeaway from this research?

Gaining access to someone else’s vehicle has become a common situation, with many legitimate use cases. It is time that standardisation bodies, decision makers, and car manufacturers take this change into account, and revise the design of the cyber-physical systems that govern future automobiles in order to secure them.

So some drivers believe that Self-Driving Cars are a Hacker's dream? Think again…

Self-driving cars feel like they should provide a nice juicy target for hackers.

After all, a normal car has a driver with their hands on the wheel and feet on the pedals. Common sense suggests this provides a modicum of protection against a car takeover which a self-driving car, or even one with just the sort of assisted driving features already found on the road today, lacks.

But that’s the wrong way around, says Craig Smith, a security researcher and car hacker. “One interesting thing about fully self-driving cars is they’re unintentionally more secure, which is really not what you would expect at all.”

Alongside his day job as the head of transportation research at security firm Rapid7, Smith runs the Car Hacking Village at Defcon, the world’s largest hacking convention, in Las Vegas.

Spend any time there, and you’ll start giving sideways glances to anything weird your car does. Now in its third year, the village is the nexus of a community capable of remotely hacking into a jeep to cut the breaks and fooling a Tesla’s autopilot into thinking there’s a phantom pillar in front of it.

At first automotive manufacturers saw hackers the way much of the world still does: irritations at best, and hardened criminals at worst, maliciously trying to break their products and endanger the world.

These days, attitudes have softened, with hackers seen as potential allies, or at least uneasy partners, in the war against cyber-crime. The bugs that let hackers into a car are there from the start; it’s better if someone like Smith finds them rather than an unscrupulous gangster who wants to start experimenting with in-car ransomware.

The most obvious example of the thawing of attitudes was a Mazda 2 rolled in by the Japanese carmaker for the denizens of Defcon to have their way with. But it’s only halfway there, Smith warns: “I like that Mazda’s here, but everybody has a lot of work to do in this particular field, in terms of being more open about their stuff.”

Mazdas are good cars to learn from, he explains, because all the electronic systems send instructions around the car through one bottleneck, the high-speed bus. In most cars, the bus is reserved for the most safety critical messages, such as steering or braking, meaning it’s not really the sort of thing you want to mess around with. But you can learn how the bus works by fiddling with something as mundane as the windscreen wiper commands on a Mazda.

Those sorts of considerations still form the bread and butter of car hacking research right now. The inner workings of most cars are obfuscated, complex and locked up, leaving researchers struggling to even understand what an in-car computer looks like when it’s working, let alone how to start pushing the boundaries of what it can do.

Obscurity might bring safety for a while, but it also renders security research expensive and time-consuming. The really dangerous flaws are likely to be discovered, not by hobbyist researchers, but by those who stand to make money from hacking.

One of the biggest stories from the sector in 2015 and 2016 was the hacking of a Jeep. In 2015, two researchers from IOActive discovered a way to hack their way from the internet-connected entertainment system of the car into the low-level system which controls the vehicle.

That let them send commands to brake or steer the car wirelessly prompting a mass recall of affected models. In 2016 the pair presented an update at Defcon that illustrated just how much more they could have done after slowly reverse engineering the Jeep’s low-level system.

They went from only being able to break control the car when it was travelling less than 5 miles per hour, for instance, to being able to control the speed of the car at will.

That distinction is also why Smith is counterintuitively optimistic about the future of cars, as they move from human- to computer-controlled. Smith explains:

“The way cars work today is you have a few sensors. You can see how they work in a lot of commercials: a car is backing up, or parking, it sees a kid in a driveway, and it stops.

“You have one signal coming in, saying ‘I see an object, stop the car’. It’s a computer overriding a human. The human is saying ‘I’m going to drive, I’m giving it gas’, and not only is it ignoring it, the car is doing the opposite of what the human says. ‘That’s nice, I’m going to stop’.”

Those signals are sent through that same low-level system that hackers have been penetrating for years. It is called the Can bus, short for Controller Area Network.

It’s generally the case that once a hacker has access to it, the rest of the game is largely reverse-engineering what signals are sent when. As one security engineer for a major car firm joked, “it’s called the can bus, not the can’t bus, because once you’ve got access to it, there’s nothing you can’t do”.

Smith explains that from a hacker’s point of view having just one sensor makes it much easier to fake a signal or event to fool the car into doing something. But self-driving cars are, by and large, smarter. Smith said: “In a self-driving world, fully self-driving, they have to use lots of different sensors.”

That’s because simple proximity-detection doesn’t cut it if you need a car to drive in different conditions and through different streets without human intervention. How, for example, do you tell the difference between a pile of leaves lying in the road – safe to drive through – and a child who has fallen off their bike? No single-reading depth detector can tell you that.

“Each of the sensors used in autonomous driving comes to solve another part of the sensing challenge,” said Danny Atsmon, the head of self-driving vehicle testing company Cognata, who explained that cameras on autonomous cars have been confused by an RV with an image of a landscape on it or by a car with a picture of a bike.

“Lidar cannot sense glass, radar senses mainly metal and the camera can be fooled by images, hence, the industry decided on a sensor redundancy and sensor fusion approach to solve that, but each of the edge cases that we present here raises the bar,” said Atsmon.

That fusion of sensor doesn’t just help get a better picture of the world, it also, accidentally, solves part of the security problem.

“The interesting thing that happens is that each sensor doesn’t trust the other,” Smith says. The radar no longer has the ability to bring the car to a juddering halt, for instance, because the camera and Lidar might overrule its findings. To convincingly fake all the systems at once, you can’t just feed in a few false signals: you have to model an entirely fictitious world.

“It’s way closer to the way humans figure out whether something is an illusion or not. And that’s harder for a hacker to deal with. Even the most secure corporate networks tend not to take that sort of approach: once you’re in the secure zone, they assume you’re one of the good guys.”

The future won’t be a hack-free heaven. Software is complex, mistakes happen, and there are other ways to sneak through the code of self-driving cars, even if that entails hacking, not the car, but the world itself. Take the researchers who printed fake Stop signs that are readable by a human but not a car.

But it looks like sitting in a car controlled by a computer may at least be safer than sitting in a car that thinks it’s controlled by you. The sooner this stuff gets solved, the better.  

Trend Micro:      Guardian:

You Might Also Read:

Cybersecurity Rules For Autonomous Vehicles:

What Will The Car Of 2040 Be Like?:

 

« ‘Decoys’ To Reinforce Japan’s Defenses Against Cyber-attacks
Will GDPR Protect Privacy Or Just Lead To More Hacks? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Clearwater Security & Compliance

Clearwater Security & Compliance

Clearwater Compliance specialize in Privacy, Security, Compliance and Risk Management Solutions for Health Care, Law Firms and other businesses.

evoila

evoila

evoila GmbH is one of the leading providers in consulting, analysis, implementation and management of cloud infrastructure.

Oppida

Oppida

Oppida provides tailored IT security services to help you identify security gaps and assist in finding the most effective remediation.

Purple Security

Purple Security

Purple Security arises from the association of specialists in offensive security (ethical hackers, white hats) and experts in insurance, compliance and implementation of industry standards.

ReliaQuest

ReliaQuest

ReliaQuest’s GreyMatter solution connects existing technology, people, and process – then equips security teams with unified, actionable insights across their entire environment.

Secure Recruitment

Secure Recruitment

Secure Recruitment is a specialist Executive Search business that focuses its efforts on attracting specific exceptional talent in Cyber Security.

Ensurity Technologies

Ensurity Technologies

Ensurity is a deep-tech cybersecurity engineering company; designs and manufactures specialized secure hardware, software, and mobile application solutions.

Cyber Risk Aware

Cyber Risk Aware

Cyber Risk Aware provide a security awareness and phishing simulation platform that focuses on real threats and educates and empowers employees to be the first line of defence.

archTIS

archTIS

archTIS specialises in the design and development of products, solutions and services for secure information sharing and collaboration.

Tapestry Technologies

Tapestry Technologies

Tapestry Technologies supports the Department of Defense in shaping its approach to cybersecurity.

VISTA InfoSec

VISTA InfoSec

VISTA InfoSec is a global Information Security Consulting firm with offices based in US, UK, Singapore and India.

IntegraONE

IntegraONE

IntegraONE is a IT solutions provider offering a full range of networking and technology solutions.

Binarii Labs

Binarii Labs

Binarii are focused on helping enterprises to design and deploy SaaS solutions that utilise DLT (Digital Ledger Technology) effectively, efficiently and sensibly.

Ofcom

Ofcom

Ofcom is the UK's communications regulator. We regulate the TV, radio and video on demand sectors, fixed line telecoms, mobiles, postal services, plus the airwaves over which wireless devices operate.

Redefine

Redefine

Redefine are Crypto-Native, Cyber Experts, and Blockchain Believers. We are here to make Web3 anti-fragile, safe and accessible to all.

CliffGuard Cybersecurity

CliffGuard Cybersecurity

CliffGuard Cybersecurity deliver comprehensive services designed to protect your organization from the ever-evolving landscape of cyber threats.