Cyber defense

The media never tires of reporting on hacker attacks on the latest car models. The manufacturers, in turn, are trying to postulate security against these attacks. But what has really happened since then? Is the networked vehicle of tomorrow safer than the PC linked to the Internet? Up to now, the extent of cyberattacks on vehicles has hardly been publicly known. Is this because an attack on a series of vehicles involves more effort than an attack on the home network? Or is it simply luck?

More open gaps through technical progress

The cyber experts at Cyoss are certain: Driving has never had so many opportunities for attack as it does today. The more vehicles become a rolling IT device, the more attack surfaces emerge from their connected networking. In contrast to a modern, stationary IT system, current vehicles do not yet have the necessary computing power on the individual control units or the necessary real-time capability of the components to implement all established security mechanisms from classic IT in the vehicle. Cyber defense requires computing power - more computing power in turn leads to more expensive control units. From a cost perspective, it is necessary to weigh up between smart customer convenience features and cyber security.

"Added to this is the difficulty that sophisticated security cannot be integrated so easily into existing vehicle platforms but must be planned into the architecture from the very beginning in the sense of security-by-design. And it is precisely in this environment of a lack of cross-manufacturer security standards and a proliferation of existing architectures that the challenge lies," says security expert Dr. Oliver Hanka, who as head of the Cyber Security business unit has already worked with his team on numerous vehicle platforms.

As consistent and structured as the security experts are, as creative are the hackers. Attacking the keyless entry systems of various manufacturers has long been part of the standard repertoire of a good hacker. Further points of attack are, for example, the increasing number of direct connections between control units and backend servers. These control units, which, for example, enable the opening of doors or control the ignition in car-sharing vehicles, could be tricked by weak encryption or missing certificates with interposed cellular connections working on behalf of the hacker. A still little-known point of attack is targeted by counterfeit components. Once installed, they work on behalf of the hacker, not the driver. This is achieved by means of copied and adapted firmware, which makes the system believe that the component is genuine. With physical access to the CAN bus, far more frightening scenarios could be imagined.