Trend Micro discovers 'indefensible' car security/CAN standard flaw

Trend Micro claims to have discovered a hack is found that is not only successful in being able to drastically affect the performance and function of the car, but is also stealthy and vendor neutral. Discovered by researchers at Politecnico di Milano, Linklayer Labs and Trend Micro’s Forward-looking Threat Research (FTR) team, the hack is said to be currently indefensible by modern car security technology and to completely resolve it would require broad, sweeping changes in standards and the ways in-vehi
August 18, 2017 Read time: 3 mins
Trend Micro claims to have discovered a hack is found that is not only successful in being able to drastically affect the performance and function of the car, but is also stealthy and vendor neutral.


Discovered by researchers at Politecnico di Milano, Linklayer Labs and Trend Micro’s Forward-looking Threat Research (FTR) team, the hack is said to be currently indefensible by modern car security technology and to completely resolve it would require broad, sweeping changes in standards and the ways in-vehicle networks and devices are made. Realistically, it would take an entire generation of vehicles for such a vulnerability to be resolved, not just a recall or an OTA (on-the-air) upgrade.

The researchers say it abuses the Controller Area Network, or CAN, network protocol that connects all in-vehicle equipment, parking sensors, airbag, active safety system and infotainment systems and allows them to communicate. The standard for this network is called a Controller Area Network, or CAN.

Trend Micro’s online blog says, “It’s not the car manufacturers’ fault, and it’s not a problem introduced by them. The security issue that we leveraged in our research lies in the standard that specifies how the car device network (i.e., CAN) works. Car manufacturers can only mitigate the attack we demonstrated by adopting specific network countermeasures, but cannot eliminate it entirely. To eliminate the risk entirely, an updated CAN standard should be proposed, adopted, and implemented. This whole process would likely require another generation of vehicles.”

David Barzilai, co-founder and chairman, automotive cyber-security firm 8519 Karamba Security, agrees with Trend Micro that the CAN protocol can be abused, causing it to disable devices on a CAN network, and that 7178 IDS systems will not be able to help against such an attack.
 
However, he says, In order to remotely launch Denial of Service (DoS) CAN attacks, a hacker must compromise an externally-connected electronic control unit (ECU) and interfere with its factory settings. Such interference enables the hackers to start sending CAN messages that generate errors leading to a device DoS.
 
“Instead of changing the legacy CAN protocol in all cars that use it (practically all vehicles), the industry should harden the externally-connected ECUs according to their factory settings, to prevent any unauthorised change to the ECU. Blocking such changes enables the industry to prevent cyber-attacks, including the DoS attack that Trend Micro reported on.”

Location Based Systems

For more information on companies in this article

Related Content

  • Data exploits parking potential
    March 11, 2015
    David Crawford parallel parks with innovations in two continents. Surveys of US cities indicate that drivers searching for parking can account for up to 37% of all urban traffic congestion. A 2011 study by IBM of 20 cities around the world found that nearly six out of ten drivers had abandoned their search for a parking space at least once; while motorists generally spent on average 20 minutes looking for a sought-after spot.
    Read More
  • Wireless - the future of vehicle detection
    July 23, 2012
    Peter Cattell of Clearview Traffic analyses different wireless communications methods and explains how these are changing the face of vehicle detection. With the continued expansion of traffic data collection solutions, providing a robust, reliable, scalable and secure method of collecting information becomes increasingly important. Over many years, various mobile wireless technologies have been utilised to make the remote collection of data a reality but recent developments are changing the way that this w
    Read More
  • European Transport Conference 2022
    Sep 07, 2022 - Sep 09, 2022

    The European Transport Conference (ETC) is the annual conference of the Association for European Transport, attracting transport policy makers, practitioners and researchers from all over Europe and beyond. ETC offers in-depth presentations on policy issues, best practice and research findings across the broad spectrum of transport. ETC also provides an opportunity where delegates can enjoy networking opportunities, participate in technical visits, and explore the exhibition.

    ETC 2022 Return to a live event

    Read More
  • Open-source architecture: closing the standards gap
    May 19, 2023
    Open-source architecture is vital to help accelerate the deployment of new ITS and C/AV solutions, says David Spinney of Econolite Systems. Just so long as we avoid the mistakes of the past…
    Read More

Highlighted Content