Automotive Cybersecurity

Introduction:

Automotive cybersecurity is defined as the prevention of unauthorized access to the vehicle. The fact is that vehicles nowadays are becoming more connected to the internet and software, and vehicle can be remotely accessed, which will create scope for increased cyberattacks on the vehicle. Automotive cybersecurity will protect the vehicles. A successful cyberattack on the vehicle can lead to big consequences. As hackers can hack the vehicle system through the internet or software, and they will able to drive the car and be able to take the car away.

What is the importance of automotive cybersecurity:

Automotive companies are now reliant on complex technology and software to build smart cars. This raises the concern of vulnerabilities in the modern automobile. One of the major targets is the EUC (Electronic Control Unit). The EUC provides all the communication and essential capabilities for operating and monitoring the vehicle system. Hackers generally use the EUC as the main target to attack, as it can be vulnerable, and the ECUs can be reverse-engineered and compromised. To safeguard the vehicle against cyberattacks, it is important to have automotive cybersecurity for protection and prevention from unauthorised access.

What are the cybersecurity vulnerabilities within the Automotive Industry:

There is a rise in the integration of advanced technologies like autonomous driving, connected services, and infotainment system. These technologies made the vehicle more susceptible to cyber threats.
Technology is evolving, and with this, the hackers have proven that this is a good opportunity for them to hack the system and can open the door and unlock the vehicle, even able to drive the car, and the hackers can change the speed limit.
The attackers can use two key areas for hacking, such as using the vehicle itself and the business-critical systems.
According to CERT-IN, The electric charging station is also susceptible to cyber threats.

As per the global automotive cybersecurity report, the top cyberattacks that happened in 2022 were telematics and applications servers and keyless entry.

Recent cases of cyberattacks on vehicles:

EUCs are the primary target of cyber attackers to hack the vehicle-

The EUC (Electronic control unit) can be reverse-engineered and can be compromised as 2015-2018, there were frequent attacks on EUC, and here are some recent cases -Jeep Hacking in 2015, tesla hacking in 2016, and 2017, BMW hacking in 2018 and, many more cases.

Here is a summary of how attackers target the ECU-

Sending altered CAN messages to ECUs to appear as legitimate messages to kill the engine, brakes, and turn the steering wheel.
Reprogramming and, in some instances reflashing firmware on ECUs to obtain unlocking seeds to perform privileged operations like read/write memory.
Resetting and deactivating legitimate ECUs, which prevented receiving and sending CAN messages.
Sniffing of CAN messages allowed attackers to extract sensitive information being sent from and to ECUs.

What are the potential consequences of a cyberattack on the vehicular system?

A cyber attack on a vehicle can lead to a dangerous situation as this could lead to personal data leaks. And the hacker could also use tracking manipulation and can handle the speed limit of the car. The driver can protect himself by using strong passwords and unique passwords for connecting services. Also, avoid third-party modification that may result in compromising vehicle security.

Conclusion:

Automotive cybersecurity secures the vehicle from cyberattacks and with the technology advanced time it is very important to always avoid mistakes that can cause cyber threats. Automotive cybersecurity in simple words, is a process that tries to protect the vehicle from threats and safeguard the performance of the car. The aim of automotive cybersecurity is to ensure that the car driver owner will have a secure driving experience. As per statistics, there have been 1 million cyberattacks on the vehicle since 2011. These attacks can cause major damage to the steering, brakes, and acceleration system and this can result in road accidents.

References:

Author: Himanshi Singh, Associate, Policy & Advocacy Team, CyberPeace