A vulnerability has been found in the internal system of modern cars that opens up the door for hackers to shut down a vehicle’s crucial safety features.
The new vehicular hacking technique was uncovered last month at the DIMVA security conference in Bonn, Germany. Researchers from LinkLayer Labs, security firm Trend Micro and the Polytechnic University of Milan have discovered a significant security flaw in the Controller Area Network (CAN) protocol. CAN enables a car’s components to communicate with each other within the car’s internal network.
The issue is a complex one, as today’s anti-hacking technology for cars is not enough to stop the attack. The hack can easily bypass currently available intrusion detection systems, e.g. those from Argus and NNG. Federico Maggi, a Trend Micro researcher, says “It’s practically impossible to detect at the moment with current technology”.
A successful hack gives the attacker the ability to disable components connected to safety mechanisms. Maggi stresses the severity of the flaw:
“You could disable the air bags, the anti-lock brakes, or the door locks, and steal the car.”
How to perform the hack
The researchers found that the inherent design of the CAN protocol is vulnerable to attacks. One basic mechanism of CAN checks for messaging errors. If a component sends an invalid message to another, the sending component is required to relay an error message regarding the original message. If the invalid message is sent repeatedly, the CAN protocol dictates that the offending component must inform the other components in the network that it’s defective. It will then cease its communications with the other components. This mechanism is what the hack abuses.
The hacker waits for the target component, let’s say the ABS brakes, to send out a message, or frame, which is the correct term. When the target starts communicating, the hacker simultaneously sends out a frame with a “single corrupted bit that overrides the correct bit” in the target’s frame, in this case the ABS brakes’. The component sends out an error message each time the hacker overrides its frame, until it marks itself as flawed, informs the rest of the network and halts communications. This can be seen as a type of “denial of service” attack that stresses and eventually turns off the targeted components.
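The error-handling mechanism described above can be modelled in a few lines. This is an added example, not code from the article or the researchers; the counter values (8 added per failed transmission, 1 removed per successful one, error-passive at 128, bus-off at 256) come from the CAN specification’s fault-confinement rules rather than from the article, and the class and function names are hypothetical.

```python
from dataclasses import dataclass

# Fault-confinement constants from the CAN specification (not stated in the article).
TEC_ERROR_STEP = 8       # added to the transmit error counter per failed transmission
ERROR_PASSIVE_AT = 128   # TEC >= 128: node becomes error-passive
BUS_OFF_AT = 256         # TEC >= 256: node goes bus-off and stops transmitting


@dataclass
class CanNode:           # hypothetical model of one component's CAN controller
    name: str
    tec: int = 0         # transmit error counter

    @property
    def state(self):
        if self.tec >= BUS_OFF_AT:
            return "bus-off"
        if self.tec >= ERROR_PASSIVE_AT:
            return "error-passive"
        return "error-active"

    def transmit(self, bit_error):
        """Account for one transmission attempt and return the resulting state."""
        if self.state == "bus-off":
            return "bus-off"                 # a bus-off node no longer sends
        if bit_error:
            self.tec += TEC_ERROR_STEP       # the node saw its own frame corrupted
        elif self.tec > 0:
            self.tec -= 1                    # successful frames slowly heal it
        return self.state


def frames_until(state, outcomes):
    """Attempts needed before a fresh node first reaches `state`, else None."""
    node = CanNode("ABS")
    for count, bit_error in enumerate(outcomes, start=1):
        if node.transmit(bit_error) == state:
            return count
    return None


# Constructed inputs: every frame corrupted vs. one sporadic error in nine frames.
every_frame = [True] * 40
sporadic = ([True] + [False] * 8) * 100

if __name__ == "__main__":
    print("error-passive after", frames_until("error-passive", every_frame), "frames")
    print("bus-off after", frames_until("bus-off", every_frame), "frames")
    print("sporadic noise reaches bus-off:", frames_until("bus-off", sporadic))
```

The contrast is the useful part for monitoring: occasional bus noise is absorbed by the counter, whereas an unbroken run of transmit errors on one component drives it to bus-off within 32 frames.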
Don’t be worried though! Besides researchers hacking cars, there’s no known case of car-hacking in the real world, and there probably won’t be for many years to come. This particular hack can’t be done remotely; it’s only possible if the hacker already has access to the internal network of a car, e.g. through an exploit in a gadget plugged into the car or in the infotainment system’s Wi-Fi.
Is your car affected? Most likely, if you have a modern car. Do you have to be worried? No. As the paragraph above explained, this is a problem for the future; we’re not in the era of car-hackers, yet… However, this research shows that security in cars is as important as security in computers and smartphones, so we can’t ignore it. Hackers will in the end take every opportunity they get, and it’s always better to be safe than sorry.
What’s your opinion of anti-hacking security in cars? Important or exaggerated? Leave a comment below and let us hear!