CVs vulnerable to ‘low skill’ cyberattacks: report

17% of potential attack scenarios on connected vehicles identified as high-risk, finds Trend Micro 
By Ben Spencer February 23, 2021 Read time: 2 mins
Trend Micro says 66% of attacks are medium-risk while 17% are low-risk (© Melpomenem | Dreamstime.com)

A report published by Trend Micro has revealed high-risk cyberattacks against a connected vehicle (CV) can be carried out by a 'low-skill' attacker. 

The cybersecurity firm says attacks such as a distributed denial of service (DDoS) could overwhelm connected vehicle communications. 

DDoS renders a machine or network resource unavailable to the user by disrupting services of a host connected to the internet. 

Launching a DDoS assault on an exposed ITS infrastructure could have devastating consequences - especially if connected vehicles rely on it for driving decisions, the company adds. 

This is just one of 29 real-world scenarios flagged up in Cybersecurity for Connected Cars Exploring Risks in 5G, Cloud and other Connected Technologies.

Trend Micro identifies 17% as high-risk, 66% as medium-risk and 17% as low-risk. 

The firm says other dangerous attacks include electronically jamming connected vehicle safety systems or wireless transmissions to disrupt operations.

Medium-risk attacks can include sending incorrect or improper commands to back-end ITS.

Remotely transmitting and installing malicious firmware and/or apps fall into the low-risk category. 

Rainer Vosseler, threat research manager for Trend Micro, says the research shows there are “ample opportunities” for attackers looking to abuse connected vehicle technology. 

“Fortunately, there are currently limited opportunities for attacks, and criminals have not found reliable ways to monetise such attacks,” Vosseler continues.

“With the UN's recent regulations requiring all connected cars to include cybersecurity, as well as a new ISO standard underway, now is the time for stakeholders across the industry to better identify and address cyber risk as we accelerate towards a connected and autonomous vehicle future."

Trend Micro has issued guidance for protecting CVs, which includes establishing effective alert, containment and mitigation processes.

The firm also recommends protecting the end-to-end data supply chain across the car's E/E network, the network infrastructure, back-end servers and vehicle security operations centre.

It also emphasises the importance of applying lessons learned to prevent repeat incidents, using security technologies such as firewall, device control, app security, vulnerability scanner and code signalling. 


 

Detection, Monitoring & Machine Vision Classification & Data Collection

For more information on companies in this article

Related Content

  • Use of ITS technology grows more prevalent in safety applications
    January 30, 2012
    Transportation agencies and governments are using ITS technology to protect critical infrastructure from terrorist attack and other threats to economic security and public safety. Andrew Bardin Williams reports. It is no secret that we live in a potentially dangerous world. Terrorism as seen on 9/11 in the United States, subsequent attacks in London, Moscow and Madrid and other acts of violence across the developing world have made vigilance the watchword for ensuring security. Key infrastructure is now bei
    Read More
  • WBCSD calls on India EV pledge 
    October 25, 2021
    World Business Council says targets are necessary to reach Paris Agreement goals 
    Read More
  • How can your business plan for the worst?
    May 12, 2022
    Covid and extreme weather events have recently shown that disruption to our lives and daily routines can come suddenly, and on a staggering scale. Roger Leyland of ISN Solutions outlines what can be done to ensure continuity for agencies and businesses
    Read More
  • Baidu to develop China 5G driving project 
    March 17, 2021
    Baidu plans to build an intelligent connected vehicle demo zone in Chengdu
    Read More

Highlighted Content