One of the most attractive promises of IoT-powered connected cars is enhanced safety. Connected cars use the Internet of Things (IoT) to help avoid accidents and control a wide array of safety technologies, from anti-lock brakes to airbags.
But according to security firm Trend Micro, these safety systems are even more vulnerable to hacking than was previously thought. In a blog post published last week, “The Crisis of Connected Cars: When Vulnerabilities Affect the CAN Standard,” the company publicized an effective, vendor-neutral hack that is “currently indefensible by modern car security technology.”
That doesn’t sound good, and it isn’t.
Why this connected car hack is different
According to Trend Micro, this hack affects almost all connected cars, not just those from a specific vendor or that use a proprietary technology: “Is my car affected? Likely, yes.” That’s because the hack attacks the network protocol—called the Controller Area Network, or CAN, which dates back to the 1980s, that connects everything in the car — from parking sensors to airbags to active safety systems to infotainment.
Because the hack “disables a device (e.g., airbag, parking sensors, active safety systems) connected to the car’s device network in a way that is invisible to state-of-the-art security mechanisms,” it will not be easy to correct. The security issue is not the car makers’ fault, but lies in the standard that specifies how the car device network (i.e., CAN) works.
Car makers can mitigate this kind of attack by adopting specific network countermeasures, Trend Micro said, but they cannot eliminate it entirely. Because the flaw lies in CAN’s basic design, patches, over-the-air updates, or even massive vehicle recalls will not be sufficient.
Trend Micro published a technical brief on the topic: “A Vulnerability in Modern Automotive Standards and How We Exploited It” (pdf). And more information is available in the video below:
Connected cars may move fast, but their technology doesn’t
The real problem here isn’t just this one hard-to-fix vulnerability. It’s the continued drumbeat of connected car security issues, including the highly publicized takeover of a moving Jeep on the freeway three years ago. Keeping cars physically secure has been an issue since automobiles first became popular more than a century ago. Keeping them digitally secure could be an even bigger, more complicated task, with equally costly and destructive consequences for failure.
As Trend Micro put it, “It is time that standardization bodies, decision makers, and car manufacturers take this [situation] into account and revise the design of the cyber-physical systems that govern future automobiles in order to secure them.”
Good luck with that.
It won’t be easy or cheap. It will take a fundamental redesign of how connected cars work, and given the economics of the situation, that’s not likely to be even contemplated unless and until these vulnerabilities lead to real damages to vehicles and people.
And given the long product lifecycles in the automotive industry, even then it could take decades, not just years, to fully address the problems that become known. In that time, of course, new vulnerabilities are likely to crop up, leaving the industry constantly trying to chase down problems that seem to constantly accelerate ahead of their ability to respond.
Hmmm, maybe that old un-connected jalopy isn’t such a bad ride after all!