CVs vulnerable to ‘low skill’ cyberattacks: report

17% of potential attack scenarios on connected vehicles identified as high-risk, finds Trend Micro 
By Ben Spencer February 23, 2021 Read time: 2 mins
Trend Micro says 66% of attacks are medium-risk while 17% are low-risk (© Melpomenem | Dreamstime.com)

A report published by Trend Micro has revealed high-risk cyberattacks against a connected vehicle (CV) can be carried out by a 'low-skill' attacker. 

The cybersecurity firm says attacks such as a distributed denial of service (DDoS) could overwhelm connected vehicle communications. 

DDoS renders a machine or network resource unavailable to the user by disrupting services of a host connected to the internet. 

Launching a DDoS assault on an exposed ITS infrastructure could have devastating consequences - especially if connected vehicles rely on it for driving decisions, the company adds. 

This is just one of 29 real-world scenarios flagged up in Cybersecurity for Connected Cars Exploring Risks in 5G, Cloud and other Connected Technologies.

Trend Micro identifies 17% as high-risk, 66% as medium-risk and 17% as low-risk. 

The firm says other dangerous attacks include electronically jamming connected vehicle safety systems or wireless transmissions to disrupt operations.

Medium-risk attacks can include sending incorrect or improper commands to back-end ITS.

Remotely transmitting and installing malicious firmware and/or apps fall into the low-risk category. 

Rainer Vosseler, threat research manager for Trend Micro, says the research shows there are “ample opportunities” for attackers looking to abuse connected vehicle technology. 

“Fortunately, there are currently limited opportunities for attacks, and criminals have not found reliable ways to monetise such attacks,” Vosseler continues.

“With the UN's recent regulations requiring all connected cars to include cybersecurity, as well as a new ISO standard underway, now is the time for stakeholders across the industry to better identify and address cyber risk as we accelerate towards a connected and autonomous vehicle future."

Trend Micro has issued guidance for protecting CVs, which includes establishing effective alert, containment and mitigation processes.

The firm also recommends protecting the end-to-end data supply chain across the car's E/E network, the network infrastructure, back-end servers and vehicle security operations centre.

It also emphasises the importance of applying lessons learned to prevent repeat incidents, using security technologies such as firewall, device control, app security, vulnerability scanner and code signalling. 


 

Detection, Monitoring & Machine Vision Classification & Data Collection

For more information on companies in this article

Related Content

  • Making cars safer for vulnerable road users
    June 2, 2016
    Richard Cuerden considers measures to improve the safety of vulnerable road users. The competitive nature of the car market has seen an increase in protection for those travelling inside the vehicle and this is reflected in the casualty statistics -but the same does not apply to those outside the vehicle. And with current societal trends such as ageing populations, an increasing number of pedestrians and cyclists encouraged by environmental policies, this is an area that authorities such as the European Uni
    Read More
  • IT security? Get your head in the cloud
    January 23, 2020
    Cloud-based operations have been around for a decade or so - and Andy Souders of All Traffic Solutions suggests they are increasingly viable solutions for the transportation sector
    Read More
  • ITS European Congress 2022: preview
    May 10, 2022
    Event takes place in Toulouse from 30 May to 1 June and focuses on smart mobility
    Read More
  • Videology cameras get smarter with SCAiLX
    October 23, 2023
    SCAiLX-ZB cameras come with third party edge AI middleware installed
    Read More

Highlighted Content