Just as DDoS (Distributed Denial of Service) attacks seemed, over the last few years, to be turning into minor disturbances that are mostly irritating, more recent events have shown that they are coming back in force.
One of them, particularly serious, took place in France in September 2016, when a major hosting provider, OVH, faced attempts to paralyze its network with 1 Tbps (terabits per second) attacks. The volume of saturating traffic in the attack is remarkable, but its source is the most worrying aspect. Investigations have since indicated that this attack was facilitated by IP (Internet Protocol) surveillance cameras with poor or non-existent protection. And IP cameras are part of the Internet of Things.
The question of Internet of Things security has two branches: one concerns the demographic explosion of connected objects, from 8 billion in 2010 to probably 80 billion in the year 2020 (according to the IDATE research bureau); the other concerns securing them. The two branches are correlated: how can a rapidly expanding, perpetually changing phenomenon be effectively secured? This is where the cars of the future come in.
Well-known designers, such as the giants of the digital sector, are already seriously planning the autonomous machine of the future, that is, one steered by artificial intelligence. Artificial intelligence involves the partial and then the full delegation of driving. This can only be achieved if the vehicle is able to guarantee that it follows the most reliable route selected; and for it to comply with the starting command, the vehicle must be permanently connected to its environment and to some communication relays.
Whereas the vehicles produced between 2000 and 2015 had a pre-installed database integrated into the control screen to guide the human driver (e.g. GPS navigation), the current challenge for designers is to provide a self-evolving, up-to-date database that can respond to even more specific requirements, such as a change of itinerary due to a temporary traffic jam or a search for the service area with the most advantageous rates within a radius of x kilometers. This is the first step towards a dynamic autonomous driving style (1). This driving style will require an up-to-date information flow, ranging from leisure information (for example, a festival taking place close to the vehicle’s itinerary) to security information (for example, a route temporarily inaccessible due to floods).
To this end, four categories can be defined:
- Entertainment information (signaling tourist spots near the vehicle’s location, or entertainment software integrated into the control screen);
- Vehicle interaction (indication of battery usage or allowing calls to the manufacturer’s assistance center);
- Driving assistance (ecological driving style or itinerary planning);
- Vehicle self-security (distance, payment of parking spaces or global positioning service to locate a rented vehicle).
And yet, what is the link between these connected vehicles and the IP cameras mentioned at the beginning of this article? A simple one: they follow the same worrying path. Their number will increase exponentially in the years to come, and some examples raise legitimate questions.
One example in particular, which triggered a scandal in the specialized press, deserves mention: two computer science researchers, Charlie Miller and Chris Valasek, managed to interact remotely with a Jeep Cherokee (2) and to operate at will all the elements on board this 4x4, from the air conditioning system to the brakes and steering, all from a distance of about 10 miles (16 kilometers).
The Fiat-Chrysler Group took this demonstration seriously and asked users to correct this IT security weakness by installing a patch. Such a takeover of control can be even more insidious, as was demonstrated by the substantial alteration of a chosen itinerary on the navigation map. Broken down, the Uconnect system is a set of functions that allow you to browse, play music or make a phone call. This multifunctional electronic system, found in more or less similar form in other groups in this sector, is simply an entry gate for malicious persons.
The entry / exit points that may be the weak points of modern vehicles are:
- On Board Diagnostics (OBD) Port
- The 4G / LTE (Long Term Evolution) Modem
- CAN (Controller Area Network) Bus / VAN (Vehicle Area Network) Bus
- The RFID chip (Radio Frequency Identification)
- The CD / DVD Reader
These weak points are not always due to a lack of attention or a refusal to take security measures on the part of the manufacturers or their subcontractors. Many software weaknesses are in fact unknown (zero-day) and are only corrected once their existence comes to light. The inventiveness of hackers and the growing number of access points to modern vehicles simply complicate the work of the staff responsible for eradicating them. In addition, consumers’ demand for, and habit of having, a set of functions inside the vehicle makes it impossible to limit those functions technically; deactivating the electronic functions that help stabilize the vehicle in any situation is not even up for discussion.
Under these circumstances, the growing market for connected vehicles will be easily integrated into the Internet of Things, as these vehicles will communicate and interact with the passenger and with static and mobile terminals.
The difference between hacking an IP camera and hacking a connected car is that, in the absence of a second system able to take back control, the risk of a fatal accident becomes extremely high for the driver and the passengers, and for other users as well.
It is a real danger that has drawn the attention of many equipment manufacturers and designers, who are trying to reduce the problem to a minimum risk threshold, for example by implementing collaborative initiatives that aim to exchange information and to steer researchers towards the IT security field, as well as towards antivirus and firewall design companies (for example, Auto-ISAC [Information Sharing and Analysis Center] or EVITA [E-safety Vehicle Intrusion Protected Applications]). This is a necessity because the work is Herculean: it is estimated that a connected vehicle contains almost 100 million lines of code, compared with just 8 million lines of code for a modern fighter jet.
These exchanges between the different players in the field should make it possible not only to raise the level of security, but also to protect the holders of technological secrets against the theft of crucial elements. As the remote takeover of a vehicle is a major risk, the risk of technical data theft cannot be avoided, since the data concerns both the driver and the electromagnetic details of his or her means of transport. We must therefore not forget that the first line of defense in the field of computer security remains the user, concerned with protecting his or her own property … and his or her own life.
Andy Greenberg, Hackers remotely kill a jeep on the highway with me in it, Wired, July 21, 2015 – https://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway
Auto-ISAC – https://www.automotiveisac.com/
EVITA Project – http://www.evita-project.org/
(1) An autonomous vehicle is not necessarily connected: for example, it may use various integrated sensors and cameras (such as LIDAR [Light Detection and Ranging]) to navigate in space while in motion. However, its effectiveness depends on a certain geographic limit and driving activity. In addition, the vehicle does not communicate with the objects around it: it receives information without emitting any. Dynamic autonomous driving requires real-time data exchange. Likewise, a connected vehicle is not necessarily autonomous, because the driving delegation option might not have been selected or is simply not available on that model.
(2) In 2013, a Toyota Prius and a Ford Escape were also hacked; however, the procedure required the presence of two specialists inside the vehicles, and it was carried out by cable and not remotely. In 2015, a remote hacking demonstration was made.
Translated from original article in French