PUNTA CANA–The car that you drive every day isn’t really a car. It’s mostly a collection of small computers with a bunch of wires and metal and plastic attached. And like any other computer, the ones in your car can be hacked, as researchers Charlie Miller and Chris Valasek have demonstrated in recent months. That’s the easy part, as it turns out. Implementing an effective detection system for their attacks may wind up being far more difficult.

The idea that the on-board computers in vehicles can be hacked isn’t a new one. Researchers have been taking advantage of weaknesses in the electronic control units (ECU) for several years now. Miller and Valasek last year published a detailed paper showing a series of new attacks they developed that enabled them to control the steering, braking and other functions in some cars while they were driving.

One of the ways that they were able to take control of the systems in the cars was by sending large numbers of controller area network (CAN) packets to the system. The idea is to have their packets win a race to the computer so that the ECU accepts their instructions rather than the legitimate ones. Miller and Valasek said that detecting their attacks is simple and easy to do.

“As long as you’re sitting on the network, detecting these things is so easy and you can shut them down,” said Valasek, director of security intelligence at IOActive. “You know what the car should be doing. It’s always spitting out information.”

One straightforward method for detecting their attacks would be simple anomaly detection. The system could check for unusually large numbers of packets and alert the driver. Or if it saw diagnostic packets showing up while the car was in motion–something that wouldn’t happen under normal circumstances–it would raise the alarm. The problem, though, is that auto manufacturers aren’t very keen on putting anything that isn’t completely necessary into their vehicles. The auto business has tiny margins and is brutally competitive, so adding more cost to a vehicle is frowned upon.

“Auto manufacturers don’t like adding complexity to their cars,” Valasek said after he and Miller delivered a talk on the topic at the Kaspersky Security Analyst Summit here Tuesday. “If you’re trying to tell them to change the architecture, you’d get massive pushback.”

Despite a huge amount of press around their car-hacking exploits, Miller and Valasek have had virtually no contact with the manufacturers. They haven’t been asked to help design detection or prevention systems for their attacks or even to explain them in detail to the manufacturers. And auto manufacturers are loathe to discuss their future product plans, so it’s unclear whether there are any protection methods on the horizon.

“We have no idea what they’re doing. They could be building something,” Miller said. “But it could be years down the line.”

Categories: Hacks, Malware, Vulnerabilities, Web Security

Comment (1)

  1. dakng
    1

    This is nothing new for auto manufactures have been working and embedding black boxes in cars for nearly 10 years. This data can be used not only to figure out the events right up to the accident such as the speed the car way traveling for if the brakes were applied prior to impact. This same black box can be used by law enforcement agencies to track vehicle movements not just for manufacturer diagnostics. If they can track you then conceivably one could also gain access to these network enabled devices. This is even outside the cars that now dynamically pull data such a map and traffic data from the internet.

    Reply

Leave A Comment

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>