Today, many automobile companies offer vehicles that run on a mostly drive-by-wire system, which means a majority of the car’s functions—from instrument cluster to steering, brakes, and accelerator—are electronically controlled.
No doubt these auto-control systems make your driving experience much better, but at the same time, they also increase the risk of getting hacked.
Car hacking is a hot topic, though it is not new for security researchers who hack cars. A few of them have already demonstrated how to hijack a car remotely, how to disable a car’s crucial functions like airbags, and even how to remotely steal cars.
Now, security researchers have discovered a new hacking trick that can allow attackers to disable airbags and other safety systems of connected cars, affecting a large number of vendors and vehicle models.
A team of researchers from Trend Micro’s Forward-looking Threat Research (FTR) team, in collaboration with Politecnico di Milano and Linklayer Labs, discovered a critical security vulnerability in the CAN (controller area network) protocol that car components use to communicate with one another within the car’s network.
Hackers Can Remotely Take Control of Smart Cars
Initially developed in 1983 and put into production in 1989, the CAN standard manages the majority of the electrical subsystems and control units found in a significant number of modern smart cars.
If exploited, the vulnerability could eventually allow attackers to turn off crucial safety functions of a vehicle, such as airbags, power-steering, parking sensors, and the anti-lock brakes—or almost any computerised component that’s connected to the car’s CAN bus.
Since the CAN standard is being used in “practically every light-duty vehicle currently in circulation today,” the fundamental security flaw affects all modern, internet-connected vehicles, rather than just a particular vendor.
How Can Your Smart Car Get Hacked?
The hack particularly targets the messaging system in CAN, in which messages, including errors, are called “frames.”
“Our attack focuses on how CAN handles errors. Errors arise when a device reads values that do not correspond to the original expected value on a frame,” Trend Micro researcher Federico Maggi writes in a blog post.
“When a device detects such an event, it writes an error message onto the CAN bus in order to “recall” the errant frame and notify the other devices to entirely ignore the recalled frame.”
By overloading the system with error messages, attackers can force a device into a Bus Off state, cutting it off from the greater CAN system and making it inoperable.
This, in turn, allows attackers to deactivate essential systems like the airbag system or the anti-lock braking system, which could result in dangerous and even fatal situations.
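The Bus Off mechanism described above, as an added example (not code from the researchers or Trend Micro): a simplified Python model of a CAN node's transmit error counter, with a monitor that flags an unbroken run of errors on one ID. The counter rules (+8 per transmit error, -1 per success, error-passive above 127, Bus Off above 255) follow CAN fault confinement; the CAN IDs, the log, and the alert threshold of 8 are constructed assumptions.

```python
# Simplified model of CAN fault confinement (ISO 11898-1 transmit error counter).
# CAN IDs, the log and the alert threshold below are constructed for illustration.
ERROR_PASSIVE_ABOVE = 127   # TEC > 127: node becomes error-passive
BUS_OFF_ABOVE = 255         # TEC > 255: node enters Bus Off and stops transmitting


class Node:
    def __init__(self, can_id):
        self.can_id = can_id
        self.tec = 0                      # transmit error counter
        self.state = "error-active"

    def transmit(self, ok):
        """Update the TEC for one transmission attempt and return the state."""
        if self.state == "bus-off":
            return self.state             # a Bus Off node no longer takes part
        # +8 for a frame recalled by an error frame, -1 for a clean one
        self.tec = max(0, self.tec - 1) if ok else self.tec + 8
        if self.tec > BUS_OFF_ABOVE:
            self.state = "bus-off"
        elif self.tec > ERROR_PASSIVE_ABOVE:
            self.state = "error-passive"
        else:
            self.state = "error-active"
        return self.state


def replay(log, burst_alert=8):
    """Replay (can_id, ok) records; return final states and burst alerts."""
    nodes, streak, alerts = {}, {}, []
    for index, (can_id, ok) in enumerate(log):
        node = nodes.setdefault(can_id, Node(can_id))
        node.transmit(ok)
        streak[can_id] = 0 if ok else streak.get(can_id, 0) + 1
        # An unbroken run of errors on a single ID is not typical of random noise
        if streak[can_id] == burst_alert:
            alerts.append((can_id, index))
    return {cid: (n.state, n.tec) for cid, n in nodes.items()}, alerts


# Constructed traffic: 0x100 has sporadic faults, 0x2A0 has every frame recalled
NOISY = [(0x100, i % 10 != 0) for i in range(100)]
TARGETED = [(0x2A0, False)] * 32
STATES, ALERTS = replay(NOISY + TARGETED)

if __name__ == "__main__":
    print(STATES, ALERTS)
```

In this constructed log the node with sporadic faults recovers to a counter of 0, while the alert for 0x2A0 fires at the eighth consecutive error, well before the 32nd that takes the node to Bus Off.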
The attack requires a “specially-crafted attack device” to be introduced via local access, which is only possible if the attacker has access to your vehicle.
However, researchers believe that current transportation trends like ride-sharing, carpooling, and car renting have made the scenario much easier.
It’s a Design Flaw — Can’t Be Patched!
Since the vulnerability exists in the design of the CAN bus messaging protocol used in CAN controller chips, the issue cannot be directly patched with an OTA (over-the-air) upgrade or dealer recall.
Fixing this design flaw requires changes to the CAN standard and an entire generation of vehicles built to the updated specification. So, unfortunately, there is no remedy to the problem yet.
However, the researchers recommended that car manufacturers adopt some network countermeasures, which would mitigate such attacks but not eliminate them entirely.
“Car manufacturers can only mitigate the attack we demonstrated by adopting specific network countermeasures, but cannot eliminate it entirely,” the researchers said.
“To eliminate the risk entirely, an updated CAN standard should be proposed, adopted, and implemented. This whole process would likely require another generation of vehicles.”
The researchers also suggest that car makers consider adding a layer of encryption to the CAN bus protocol, which would make messages harder to mimic, as part of a long-term security solution.