While highways full of driverless cars may be a shining vision of the future for some, from a hacker’s perspective they represent yet another opportunity to wreak havoc.
Here are some attacks that are likely to be targeted at highly connected and autonomous cars:
Privilege escalation and system interdependencies: Attackers will seek vulnerabilities is lesser-defended services, such as entertainment systems, and try to “leap” across intra-car networks to more sensitive systems through the integrated car communications systems.
System stability and predictability: Autonomous cars will need to include software provided by a variety of vendors. Information technology (IT), unlike industrial controls systems such as legacy car systems, are not known for predictability.
And last but not least, there are legal and authenticity issues. Can we consider the location data of the car as authentic? That is, if your car reports you opened it, entered it, and traveled to a particular location at a certain time of the day, can we really assume everything happened as recorded? Will such data hold up in court? Or can this sort of data be manipulated?
Similarly, if cars contain software from several different providers, and spend the day moving from one network to another, who is accountable or liable for a security breach and resulting losses or damage?
So, the question is, how do we secure autonomous cars?
The first step must be greater awareness about potential cyber threats. A closer alliance with the internet security industry will benefit everyone. The Automobile ISAC (information Sharing and Analysis Centre) is an interesting precedent.
Next, incorporating more technology into a vehicle, whether for improving the customer’s driving experience or enhancing the vehicle’s performance, must be balanced with the management of their potential threats and risks.
Additionally, a growing problem with many IoT devices is that they use common communications programs that have no security built into them at all.
Automotive security can be addressed as three distinct domains that may make use of similar techniques in some instances, and require novel treatments in others.
n Intra-vehicle communications. Smart vehicles will have several distinct on-board systems, such as vehicle controls systems, entertainment systems, passenger networking, and even third-party systems loaded on demand by owners which need to engage in “cross-talk”. This cross-talk needs to be monitored and managed by systems such as firewalls and Intrusion Prevention Systems (IPS) that can distinguish between legitimate and normal communications and illicit activity in the car’s area network.
n External communications. Many on-board systems will communicate with Internet-based services for manufacturer maintenance, software updates, passenger internet access, travel and driving instructions, service requests, purchase of items or services or data backup. This also means that traffic to and from the vehicle will need to be inspected for threats and illicit, defective, or unauthorised communications.
n Next, connectivity infrastructure will likely be based on cellular networks, such as 3G and 4G data services. Securing cellular networks providing critical vehicle connectivity will require a thorough review.
n Finally, high-assurance identity and access control systems suitable and designed for machines, not people, will need to be incorporated such that cars can authenticate incoming connections to critical systems, and internet-based services can authenticate cars and the information they log to the cloud.
The author is regional director, India & SAARC, Fortinet