Trend Micro discovers 'indefensible' car security/CAN standard flaw

Trend Micro claims to have discovered a hack is found that is not only successful in being able to drastically affect the performance and function of the car, but is also stealthy and vendor neutral. Discovered by researchers at Politecnico di Milano, Linklayer Labs and Trend Micro’s Forward-looking Threat Research (FTR) team, the hack is said to be currently indefensible by modern car security technology and to completely resolve it would require broad, sweeping changes in standards and the ways in-vehi
August 18, 2017 Read time: 3 mins
Trend Micro claims to have discovered a hack is found that is not only successful in being able to drastically affect the performance and function of the car, but is also stealthy and vendor neutral.


Discovered by researchers at Politecnico di Milano, Linklayer Labs and Trend Micro’s Forward-looking Threat Research (FTR) team, the hack is said to be currently indefensible by modern car security technology and to completely resolve it would require broad, sweeping changes in standards and the ways in-vehicle networks and devices are made. Realistically, it would take an entire generation of vehicles for such a vulnerability to be resolved, not just a recall or an OTA (on-the-air) upgrade.

The researchers say it abuses the Controller Area Network, or CAN, network protocol that connects all in-vehicle equipment, parking sensors, airbag, active safety system and infotainment systems and allows them to communicate. The standard for this network is called a Controller Area Network, or CAN.

Trend Micro’s online blog says, “It’s not the car manufacturers’ fault, and it’s not a problem introduced by them. The security issue that we leveraged in our research lies in the standard that specifies how the car device network (i.e., CAN) works. Car manufacturers can only mitigate the attack we demonstrated by adopting specific network countermeasures, but cannot eliminate it entirely. To eliminate the risk entirely, an updated CAN standard should be proposed, adopted, and implemented. This whole process would likely require another generation of vehicles.”

David Barzilai, co-founder and chairman, automotive cyber-security firm 8519 Karamba Security, agrees with Trend Micro that the CAN protocol can be abused, causing it to disable devices on a CAN network, and that 7178 IDS systems will not be able to help against such an attack.
 
However, he says, In order to remotely launch Denial of Service (DoS) CAN attacks, a hacker must compromise an externally-connected electronic control unit (ECU) and interfere with its factory settings. Such interference enables the hackers to start sending CAN messages that generate errors leading to a device DoS.
 
“Instead of changing the legacy CAN protocol in all cars that use it (practically all vehicles), the industry should harden the externally-connected ECUs according to their factory settings, to prevent any unauthorised change to the ECU. Blocking such changes enables the industry to prevent cyber-attacks, including the DoS attack that Trend Micro reported on.”

Location Based Systems

For more information on companies in this article

Related Content

  • New technologies enable increased collaboration, cooperation
    July 17, 2012
    The continued expansion of IP camera networks increases the availability of useful information. At the same time, the opportunity exists to increase inter-agency collaboration. This makes information management all the more necessary in the control room environment. But the transportation sector could do a lot to help itself by gaining a better idea up front of what and how it wants to do things, says Electrosonic's Karl Johnson.
    Read More
  • European data security agency focuses on public transportation cyber security
    February 15, 2016
    In the light of the trend towards smart cities, the European Union Agency for Network and Information Security (ENISA) has released a report on smart cities and their intelligent public transportation (IPT) systems. The report, Cyber Security and Resilience of Intelligent Public Transport, focuses on the protection of the assets critical to IPT in the context of smart cities. These assets are considered critical as they contribute to the normal operation of local public transport networks, including metr
    Read More
  • Cohda trial proves C-ITS can work in tunnels
    August 29, 2019
    Connected cars require uninterrupted signals to ensure driving safety. Going underground creates problems – but a trial in Norway suggests that there might be light at the end of the tunnel… As connectivity becomes increasingly important for transportation – in particular for connected and autonomous vehicles (C/AVs) - the problem of ‘blackspots’ and dead zones where signals fail or drop out is a pressing one. But developments early this year suggest that advances in technology might be on the brink of d
    Read More
  • RuggedBackbone universal comms platform
    July 30, 2012
    RuggedCom has introduced the RuggedBackbone RX5000, a new high port density routing and switching platform designed to operate in harsh environments. The device can withstand high levels of electromagnetic interference, radio frequency interference and a temperature range of -40°C to +85°C. The product is a scalable, hot-swappable, modular platform which provides its users with the ability to make product modifications as their network grows or their needs change. RuggedCom says the cyber security and net
    Read More

Highlighted Content