Connected Vehicle Cybersecurity Threats: Part 2

A look at what to expect in connected vehicle trends for 2023

05 January 2023

In the first part of this blog, we looked at the proliferation of connected vehicles on the market and the cybersecurity vulnerabilities that exist. In this blog we're going to focus on the methods of and motives for cyber-attacks on connected vehicles.

Automotive Attack Vectors

There are several possible attack vectors available when hacking a connected vehicle. The pie chart below shows the 2022 Upstream Security Global Automotive Cybersecurity Report statistics of the most popular attack vectors among hackers. [1]

Figure 1 – 2021 Top 8 most used attack vectors

 

Connected vehicles have more data and analytics associated with their activity than non-connected vehicles. This data is usually stored in the manufacturer's datacenter servers, which may be vulnerable to attack. If the connected vehicle is part of a commercial fleet, its data may be managed by the company or a fleet management consultant company. Servers account for the most attacks on connected vehicles. [1]

Of all these attack vectors the Upstream Security report recorded each separate source of attack from both black-hat and white-hat attackers in 2021, 48.5% of attacks were long-ranged (off-premises) and 51.5% were short-ranged (on-premises). Long-ranged attacks are significant since a car vulnerable to long-ranged attacks is exposed to far more opportunistic criminals and lowers the risk involved. Long-ranged attacks are increasingly being discovered so far primarily by white-hat researchers, but it is expected black-hats will follow. [1]

Connected Vehicles: What are the attack motives?

The most common attack motive is financial gain. In a town in Ontario, 124 vehicles were stolen in 2021. Of those 124 vehicles, 66 of them involved a keyless entry device or an ECU related attack. A total of 42 of those thefts occurred within a single month, indicating an organized theft campaign. While personal vehicle thefts can negatively impact a family's day-to-day responsibilities, supply-chain related vehicle thefts can have much broader consequences to local communities. [1][2]

Due to recent world events, state-sponsored hacking has been on the rise throughout the world. Many state-sponsored threat groups have been known to target critical infrastructure services. While there has not been a high-profile case of reporting an attack to infrastructure connected vehicles, these vehicles would be considered valuable targets to these types of threat groups.

Considering that some attacks could tamper with vehicle braking, steering, and throttle, one can see a potential danger for high-profile individuals. Principal software developer Andrew McKim at BlackBerry Ltd. said, "Malicious actors will really maybe go after a particular vehicle, a particular person," but wouldn't elaborate on which companies or governments are conducting vulnerability assessments on vehicles to be used by important persons. [1][3]

Connected Vehicle Security

As IoT grows into the automotive industry, greater scrutiny on the security of new systems and features is warranted to protect the private assets of car owners as well as protect critical infrastructure. It may seem some car manufacturers are more secure than others, but there simply isn't enough data. As the Upstream Security Global Automotive Cybersecurity Report 2022 puts it, almost every manufacturer so far has experienced cybersecurity incidents. [1]

References:

[1] Upstream Security Global Automotive Cybersecurity Report 2022 – https://upstream.auto/2022report/

[2] Cybercriminals hacking into vehicles pose dangers as local researchers try to stop them – https://www.koaa.com/news/deep-dive/cybercriminals-hacking-into-vehicles-pose-dangers-as-local-researchers-try-to-stop-them

[3] Could a hacker crash your car? – https://www.theglobeandmail.com/drive/technology/article-could-a-hacker-crash-your-car/

 

Isaac Collinson Intertek headshot

Isaac Collinson,
IT Security Analyst

Isaac Collinson is an IT Security Specialist at Intertek EWA-Canada. He has been with the company for three years, most recently joining the operations team a year ago after spending two years on the EWA-Canada High Assurance Lab team.

 

 
 
 
 
34359848764
191
6951/7664/3179/34359745565/
34
0
29548