The Internet of Things (IoT) is everywhere. All our daily-used devices are now connected – or rather interconnected. And the automotive industry is not an exception to this new standard with its connected and autonomous cars. Modern vehicles have become genuine computers, equipped with dozens of sensors and processors. Although this brings tremendous benefits for users,the industry will have to step up surveillance of the soft spots where their vehicles are vulnerable to data leaks and attacks via mobile applications, infotainment systems, and OBD2 ports. An infographic (below) gives you a break-down of the situation.
Infographic: Under the hood of a connected car hack
The company Arxan, focusing on application protection for connected cars, has released this infographic packed with information on connected cars. It reveals the main vulnerabilities of a “connected” vehicle. The risk exposure is growing: By 2020 it is estimated that 75% of cars will be equipped with internet connectivity which will link them to other cars, mobile devices and road infrastructures.
In the infographic we can see that there are many possible attack points on a car but some are more vulnerable than others. As a result, hackers prioritize mobile applications, infotainment systems and OBD2 ports.
Mobile applications have a direct interface with vehicle systems. These applications may contain binary libraries that expose vehicle data and functionality to cyberattacks.
The infotainment system is the primary communication interface of a car and is packed with personal information and applications that can be easily hacked if they are not properly protected.
Located underneath the dashboard, the OBD2 port is a physical connection that is very vulnerable. It connects devices that monitor speed, braking and location. The OBD2 port is more than just a soft spot; it is THE way to directly access the car’s critical network.
By taking advantage of the different vulnerable areas, cyber attackers can easily extract a car’s binary code via a mobile device or, with reverse engineered software, tamper with binary code and even redeploy malicious software.
If Arxan is giving tips to drivers on how to protect their cars from computer hacks, industries should also start thinking about how to incorporate protection from the very first steps of production. A cyberattack on a car can have serious consequences as proven by researchers when they remotely seized control of a Jeep. Sentryo offers a solution to prevent attacks on connected cars and has already been declared the winner of BMW Tech Date!