CVs vulnerable to ‘low skill’ cyberattacks: report

17% of potential attack scenarios on connected vehicles identified as high-risk, finds Trend Micro 
By Ben Spencer February 23, 2021 Read time: 2 mins
Trend Micro says 66% of attacks are medium-risk while 17% are low-risk (© Melpomenem | Dreamstime.com)

A report published by Trend Micro has revealed high-risk cyberattacks against a connected vehicle (CV) can be carried out by a 'low-skill' attacker. 

The cybersecurity firm says attacks such as a distributed denial of service (DDoS) could overwhelm connected vehicle communications. 

DDoS renders a machine or network resource unavailable to the user by disrupting services of a host connected to the internet. 

Launching a DDoS assault on an exposed ITS infrastructure could have devastating consequences - especially if connected vehicles rely on it for driving decisions, the company adds. 

This is just one of 29 real-world scenarios flagged up in Cybersecurity for Connected Cars Exploring Risks in 5G, Cloud and other Connected Technologies.

Trend Micro identifies 17% as high-risk, 66% as medium-risk and 17% as low-risk. 

The firm says other dangerous attacks include electronically jamming connected vehicle safety systems or wireless transmissions to disrupt operations.

Medium-risk attacks can include sending incorrect or improper commands to back-end ITS.

Remotely transmitting and installing malicious firmware and/or apps fall into the low-risk category. 

Rainer Vosseler, threat research manager for Trend Micro, says the research shows there are “ample opportunities” for attackers looking to abuse connected vehicle technology. 

“Fortunately, there are currently limited opportunities for attacks, and criminals have not found reliable ways to monetise such attacks,” Vosseler continues.

“With the UN's recent regulations requiring all connected cars to include cybersecurity, as well as a new ISO standard underway, now is the time for stakeholders across the industry to better identify and address cyber risk as we accelerate towards a connected and autonomous vehicle future."

Trend Micro has issued guidance for protecting CVs, which includes establishing effective alert, containment and mitigation processes.

The firm also recommends protecting the end-to-end data supply chain across the car's E/E network, the network infrastructure, back-end servers and vehicle security operations centre.

It also emphasises the importance of applying lessons learned to prevent repeat incidents, using security technologies such as firewall, device control, app security, vulnerability scanner and code signalling. 


 

Detection, Monitoring & Machine Vision Classification & Data Collection

For more information on companies in this article

Related Content

  • Rekor targets Oklahoma's uninsured drivers 
    November 23, 2020
    Solution provides real-time detection of non-compliant vehicles, says company
    Read More
  • Awards finalists for 2024
    April 16, 2024
    The wait is over! This morning, at the end of the official opening of Intertraffic Amsterdam 2024 from 08:30 to 10:15 in Intertraffic Summit Theatre 1, the winners of the Intertraffic Awards will be announced. The three Intertraffic Awards up for grabs are: the Green Globe Award, which symbolises innovation that delivers significant environmental benefits; the Inspiration Award, which highlights groundbreaking products inspiring the industry in new directions; and the User Experience Award, which recognises excellence in control systems for the end user. There are five nominees in each of the three categories, representing mobility solutions manufacturers from 11 different countries.
    Read More
  • Arcadis releases EV infrastructure report
    September 23, 2022
    Report looks at range of regions, including North America and continental Europe
    Read More
  • Mobileye plans AV people movers for US
    February 22, 2022
    Intel firm partners with Benteler and Beep for first- and last-mile use cases from 2024
    Read More

Highlighted Content