Trend Micro publishes a new study on the safety of connected cars. This describes various cyber attacks and cyber risks that endanger the safety of the driver and others.
The researchers evaluated 29 real attack scenarios using the DREAD threat model for qualitative risk analysis. These attacks can be launched remotely and / or from the victims' vehicles. The study lists the following examples:
Evaluated attack scenarios
- DDoS attacks on Intelligent Transportation Systems (ITS) can influence the communication of the connected vehicle and represent a high risk.
- Exposed and vulnerable connected car systems are easy to discover, which puts them at a higher risk of attack.
- Over 17 percent of all attack vectors examined represent a high risk. These only require a simple understanding of connected car technology and can also be carried out by less qualified attackers.
"Our research shows that there are numerous possibilities for attackers to abuse connected car technology," says Rainer Vosseler, threat research manager at Trend Micro. “Fortunately, the real opportunities for attack are now limited, and criminals have not yet found a reliable way to monetize such attacks.
Cars: United Nations mandates cybersecurity
With the latest regulation of the United Nations, which stipulates that cybersecurity must be integrated in all connected vehicles (2), as well as a new ISO standard that is currently being developed, it is time for the automotive industry to recognize cyber risks earlier and addressed. This is the only way we can safely look to a future of networked and autonomous driving. "
It is forecast that between 2018 and 2022 more than 125 million cars with integrated connectivity will be delivered worldwide. (3) Fully autonomous driving is also constantly developing. This progress creates a complex ecosystem that includes cloud, IoT, 5G and other key technologies and thus offers a broad attack surface with millions of possible endpoints and users.
Study warns of sabotage
As the industry evolves, there are numerous opportunities for monetization and sabotage for cyber criminals, hacktivists, terrorists, nation states, insiders, and even unscrupulous drivers, the study warns. Of all 29 attack vectors examined, the overall risk of successful cyber attacks was rated as medium. However, as SaaS applications are increasingly embedded in the electric / electronic (E / E) architecture of vehicles and cybercriminals develop new strategies to derive a profitable benefit, the risk of attack increases.
In order to counteract the attack scenarios outlined in the study, all critical areas must be integrated into the security architecture of connected cars. In this way, the end-to-end data supply chain is also secured. Trend Micro recommends the following general guidelines for protecting connected vehicles:
- Assume the possibility of a successful attack and prepare for it with effective warning, containment and mitigation processes.
- Protect the end-to-end data supply chain across the vehicle's E / E network, network infrastructure, backend servers and the VSOC (Vehicle Security Operations Center).
- Use lessons learned to further strengthen defenses and prevent recurring incidents.
- Relevant security technologies are firewall, encryption, device control, app security, vulnerability scanners, code signing, IDS for CAN, antivirus for the head unit and other solutions.
Trend Micro has the full English report "Cyber Security Risks of Connected Cars" available online.
Go directly to the study at TrendMicro.com
About Trend Micro As one of the world's leading providers of IT security, Trend Micro helps create a secure world for digital data exchange. With over 30 years of security expertise, global threat research, and constant innovation, Trend Micro offers protection for businesses, government agencies, and consumers. Thanks to our XGen™ security strategy, our solutions benefit from a cross-generational combination of defense techniques optimized for leading-edge environments. Networked threat information enables better and faster protection. Optimized for cloud workloads, endpoints, email, the IIoT and networks, our connected solutions provide centralized visibility across the entire enterprise for faster threat detection and response.