Trend Micro discovers 'indefensible' car security/CAN standard flaw

Trend Micro claims to have discovered a hack is found that is not only successful in being able to drastically affect the performance and function of the car, but is also stealthy and vendor neutral. Discovered by researchers at Politecnico di Milano, Linklayer Labs and Trend Micro’s Forward-looking Threat Research (FTR) team, the hack is said to be currently indefensible by modern car security technology and to completely resolve it would require broad, sweeping changes in standards and the ways in-vehi
August 18, 2017 Read time: 3 mins
Trend Micro claims to have discovered a hack is found that is not only successful in being able to drastically affect the performance and function of the car, but is also stealthy and vendor neutral.


Discovered by researchers at Politecnico di Milano, Linklayer Labs and Trend Micro’s Forward-looking Threat Research (FTR) team, the hack is said to be currently indefensible by modern car security technology and to completely resolve it would require broad, sweeping changes in standards and the ways in-vehicle networks and devices are made. Realistically, it would take an entire generation of vehicles for such a vulnerability to be resolved, not just a recall or an OTA (on-the-air) upgrade.

The researchers say it abuses the Controller Area Network, or CAN, network protocol that connects all in-vehicle equipment, parking sensors, airbag, active safety system and infotainment systems and allows them to communicate. The standard for this network is called a Controller Area Network, or CAN.

Trend Micro’s online blog says, “It’s not the car manufacturers’ fault, and it’s not a problem introduced by them. The security issue that we leveraged in our research lies in the standard that specifies how the car device network (i.e., CAN) works. Car manufacturers can only mitigate the attack we demonstrated by adopting specific network countermeasures, but cannot eliminate it entirely. To eliminate the risk entirely, an updated CAN standard should be proposed, adopted, and implemented. This whole process would likely require another generation of vehicles.”

David Barzilai, co-founder and chairman, automotive cyber-security firm 8519 Karamba Security, agrees with Trend Micro that the CAN protocol can be abused, causing it to disable devices on a CAN network, and that 7178 IDS systems will not be able to help against such an attack.
 
However, he says, In order to remotely launch Denial of Service (DoS) CAN attacks, a hacker must compromise an externally-connected electronic control unit (ECU) and interfere with its factory settings. Such interference enables the hackers to start sending CAN messages that generate errors leading to a device DoS.
 
“Instead of changing the legacy CAN protocol in all cars that use it (practically all vehicles), the industry should harden the externally-connected ECUs according to their factory settings, to prevent any unauthorised change to the ECU. Blocking such changes enables the industry to prevent cyber-attacks, including the DoS attack that Trend Micro reported on.”

Location Based Systems

For more information on companies in this article

Related Content

  • Computer technology increasingly aids traffic management
    February 3, 2012
    Alan Perrott, Tyco Fire & Integrated Solutions (UK) Ltd, looks at trends in CCTV technology for traffic surveillance applications
    Read More
  • Trials of new technologies to counter age-old work zone challenges
    May 19, 2017
    New solutions are being used to improve the management and safety of work zones on roads both big and small, as Jon Masters discovers. The UK government has recently been going to some lengths to paint a picture of a nation embracing a future of digital technology – understandably given the economic concerns arising from exiting the European Union. In December last year, however, the UK National Infrastructure Commission (NIC) put down a somewhat different marker for where the UK is now in terms of mobile c
    Read More
  • Cross layer DCC management standard published
    June 17, 2015
    The Technical Committee Intelligent Transport Systems (ITS) of the European Telecommunications Standards Institute (ETSI) has issued its technical specification, Intelligent Transport Systems (ITS); Cross Layer DCC Management Entity for operation in the ITS G5A and ITS G5B medium. The document, ETSI TS 103 175 V1.1.1, specifies: the support functions of DCC that need to be in the management plane, i.e. cross-layer DCC operations; the required interface parameters between the DCC management entity and the DC
    Read More
  • SmartStation group reveal the importance of intelligent stops
    March 13, 2018
    A SmartStation research and design project has worked with PTV Group and Raumobil to develop ideas on how to turn analogue stops into digital hubs, in Karlsruhe. The scheme, commissioned by the Federal Ministry of Transport and Digital Infrastructure, set out to reveal the importance of networked stations for multimodal mobility. The initiatives 18-month research phase identified that intelligent stops that include analogue facilities such as information terminals, escalators, elevators and lockers need to
    Read More

Highlighted Content