The Changing Face of Automotive Cyber Attacks

The history of automotive cyber attacks on vehicles can be traced back to the late 1990s, with the introduction of the OnBoard Diagnostics port (ODB) into vehicles which, for the first time, provided direct access to engine management systems.

Of course, in those days to attempt to hack a vehicle you needed expensive hardware, direct access to it in order to connect to the ODB port and proprietary software. Even then, it was far from simple, as you had to have an understanding of the Control Area Network bus (CANbus) control codes, which are typically unique to each vehicle model. Furthermore, as systems were predominantly isolated on different bus topologies, just having access to one bus would not allow you to easily access other electrical sub systems. Back in the early 2000s, what we know today as the In-Vehicle Infotainment (IVI) system was typically a proprietary piece of hardware running a Real Time Operating System (RTOS) and had very limited functionality in comparison to today’s advanced Android-based systems.

As vehicles became more sophisticated, so did the methods of attack. These ranged from “man in the middle” attacks extending the range of key fobs to broadcasting false traffic information over RDS systems to try and make cars re-route.

Read Full Article

Related industries: Cybersecurity, Information Technology & Information Assurance