Automotive cybersecurity hacks made easy
Low-tech thieves can still hack car key fobs with easily obtainable hardware-software and poorly developed policies for on-board diagnostic protocols.
Not so long ago, while attending a tech conference in San Francisco, my colleague's premium BMW was robbed by a cyber attacker. There was no damage to the car but our two laptops (secured in the trunk) were stolen. From that point on, automotive wireless security issues became a real concern for me.
How did the burglary happen? With great ease, according to several recent reports. By using a $ 30 tool developed by hackers to “pwn” in car security systems, unskilled criminals can easily open and steal high-end cars. "Pwn" is Internet slang for "owning" as well as for conquering or stealing to acquire ownership. With China's $ 30 tool, criminals are able to reprogram a blank car key that allows these non-tech thieves to steal a vehicle in two or three minutes. And it's not just questionable technology in China. Extensive internet research reveals a certain encryption development kit offered by a leading US company. It is hoped that its main use is to develop ways to defend against ongoing hacks.
Part of the problem is the automotive on-board diagnostics (OBD) bypass tools available by shipping from China and Eastern Europe. Potential car thieves need only intercept the wireless transmission between a valid key fob and a car before reprogramming a blank key. With the new key / remote in hand, criminals can then either open the car or start it, via the OBD system and protocols.
RF and wireless sniffers and jamming products are readily available on the Internet. The product descriptions on these websites are usually so poorly written that they confirm the foreign origin of most suppliers. BTW: Intentional interference with RF signals is illegal in the United States.
RF jammers exist for every type of wireless protocol, from GPS, Wi-Fi and Bluetooth to mobile phones. Why jam the signals from your car? One reason would be to hide the GPS tracking data sent to your car's trip location. Cell phone transmissions can also be blocked. Also, such jammers could be used against nearby vehicles depending on their proximity, the strength of the jammer's transmitter and the architecture of the target receiver (i.e., the vehicle being blocked. ).
The purpose of jamming is to interfere with or prevent clear reception of RF signals by electronic means. Typically, a scrambler is designed specifically for a targeted receiver architecture. Once the type of jammer is known, its effects can be mitigated in the receiver.
Detecting the presence of a signal jammer is essential to alleviating the problem, as it is very difficult to block the jammer. Technically savvy car owners can use spectrum analyzers to measure average energy changes in the remote's locking spectrum. The detection of a jamming scenario lets the car owner know that a danger is present. The technology is now so prolific that a quick internet search reveals instructions on how to hack a car key fob in startling detail. (Note: I am deliberately not mentioning any specific product or site.)
When it comes to policy challenges, it should be understood that OBD readers are readily available for legitimate purposes for auto repair shops and aftermarket. One of the problems is that OBD data must be opened to these third-party garages to meet the European Free Trade Federation's rules on open competition in the auto trade.
This means that well-intentioned but poorly designed foreign market labor technology and policies allow cybercrime in a global economy. This is a systemic problem that will require close cooperation between high-tech security and software companies, OEMs and policy makers from various governments.
Nonetheless, more could be done to improve the often referred to as weak cryptography of many wireless automotive key systems. Several standards have emerged which should help. For example, the United Nations Economic Commission for Europe (UNECE), in collaboration with the ISO standards manager and others, provided a document on system security principles for intelligent transport systems and connected and automated vehicles. This document references the applicable ISO / IEC JTC 1 standards and guidance documents, as well as two SAE standards: SAE J3061, Cyber Security Guide for Cyber-Physical Vehicle Systems and SAE J3101, Requirements for Protected Security. material for vehicle ground applications; and four NIST documents.
The problem now extends beyond the vulnerabilities of wireless and keyless car locking systems. In late 2019, Motherboard reported that a hacker known only as L&M had hacked more than 27,000 commercial car fleet accounts via GPS signals. The hacker could then track vehicles in a small number of foreign countries, including India and the Philippines, and shut down the engines of vehicles that were stopped or traveling at 20 km / h or less, Motherboard reported.
The problem of insufficient automotive cybersecurity will only worsen with the shift to autonomous and connected cars.
