Hackers finding ways to exploit automotive software to overtake cars
A new report from IntSights details the many ways cybercriminals break into a new generation of highly digitized cars.
Over the last ten years cars have become packed full of new technology that makes it easier to play music and movies, take calls, or get directions all from your dashboard. But this digitization has come at a cost, giving cybercriminals a seemingly endless amount of access points to take over vehicles.
The study notes that hackers have infiltrated automotive systems and hardware since 2010.
"The pressure to deliver products as fast as possible puts a big strain on vehicle security capabilities, manufacturing facilities, and automotive data. Industry leaders have since come to understand that cybercrime threats to cars were not as far-fetched as originally thought," the report said. "IntSights discovered easy-fo-find online shops that sell car hacking tools on the clear web. These online shops sell services that disconnect automobile immobilizers, as well as services that sell code grabbers and forums that give bad actors a complete tutorial on how to steal vehicles."
The IntSights report said most car hacking tools can be found on websites or forums like Omerta.cc, Sindikat, Nulled.to, Carmasters.org, Autoteamsforums.ru, ffffff.ru, and Dublikat, which provide a wealth of information, tools, code grabbers, and tutorials. There are also a bevy of Russian sites offering help like forum.grabbs.org, Migalki.pw, and Chipadla.ru.
Traditionally, cars were considered too difficult to hack into and not worth the amount of time and energy required. But as cars have added Wi-Fi, GPS, and other features, the amount of attack surfaces have increased. The average car now includes thousands of pieces of hardware as well as millions of lines of code, giving cybercriminals ample opportunity to test their methods.
The most popular method involves attacking a car's CAN protocol, which can give a hacker full access to all of the vehicle's functions.
"The biggest challenge for hackers attempting to exploit remote access points is the required proximity to do so. Attacking a moving car can be near impossible if the hacker needs to physically connect to it," the report said. "However, there are ways to bypass this problem: Attacking a car via a cellular network, breaking into its Wi-Fi access points, or breaking in via the manufacturer's backend system, to which many modern cars are connected."
Cybercriminals have also been able to attack a car's Remote Keyless System, which allows owners to open and start their vehicle without a key. The key fob technology used for this system is decades old and is considered tough to crack, but a new generation of code grabbers has allowed car thieves to either outright mimic the signals or intercept them.
These kinds of code grabbers are now widely available on the dark web, and there are dozens of forums throughout the web where cybercriminals can congregate and share best practices.
The IntSights study says certain tools, like one named "RollJam," can work on any car and can be bought for as little as $32. Cybercriminals are also offering other tools like Panda DXL, Grabos Panda, and Code Grabber, which can run for a range of prices reaching about $2,000.
One of the biggest problems with modern cars are a new slate of apps designed to equip vehicles with smartphone-like capabilities.
The study says researchers at security firm Argos did tests that proved you could take applications, reverse engineer them, and shut down a car engine, all remotely. Cybercriminals can also create faux applications that also give them control of all the car's systems.
Cellular connection conundrum
Hackers can even gain access through car companies themselves, which now communicate with vehicles through applications that send information to them. If there is a breach of the car company's servers, a cybercriminal could easily mess with the information shared between the company servers and the vehicle's brain. In addition, hackers have also been able to load malware onto a car owner's phone, through phishing campaigns or fake apps, and infect vehicles that way. Cybercriminals have even had success manipulating cellular networks through built in SIM cards, which car companies use to extract real-time information and update firmware.
The IntSights Report says Virginia Polytechnic Institute and State University scientists were able to hack into a car's navigation system and send drivers to the wrong location.
During a DefCon presentation in 2015, Chris Valasek and Charlie Miller showed that you could stop engines, initiate the brakes, and manipulate other vehicle functions all through a simple cellular connection.
The study said this problem will only get worse because of the need for constant updates, which may not take place considering the decades-long life of most cars. The likelihood is that most cars will eventually have gaping security holes waiting to be exploited by cybercriminals.
"In an ever-increasing digital climate, it is vital that businesses take the necessary precautions to avoid cyberattacks. Since cars are primarily attacked using remote access, security teams are often not able to detect when and where their systems have been compromised, leaving unknowing drivers susceptible," the study said.
"The ability to use the wireless spectrum as an entry point into the car network is the driving factor behind attacks that leverage the wireless spectrum, be it Keyfobs, infotainment systems, car diagnostics systems, or wireless tire pressure sensors. As the physical hardware of motor vehicles is a challenging target that requires malicious intent and specialized tools, we should expect to see more software attacks against infotainment systems, charging stations and mobile apps."