Watch An ‘Indefensible’ Car Hack Disable An Alfa Romeo’s Safety Systems – Forbes
Car hacks are old hat nowadays, from a research perspective at least, but an attack that may affect pretty much every car manufacturer on the planet could be real cause for concern. It allows a hacker to disable vehicle safety systems, according to a report, and the researchers say it’s almost “indefensible” in many cases.
Showcased by Politecnico di Milano, Linklayer Labs and Trend Micro staff, the attack is effectively a denial of service (DoS) on the car’s network, rendering features unusable. The hack worked by abusing the car’s network, known as the Controller Area Network (CAN) bus, which is responsible for communications between the vehicle’s various electronic control units (ECUs). By forcing enough errors on a particular system, it would simply shut down.
What makes the attack particularly stealthy is that there’s no need for them to inject malicious data, an action that would likely trigger security systems looking out for anomalies. Instead, all the hackers had to do, after researching the various components of a vehicle, was determine how to trigger an error mechanism on the CAN bus by flipping a single bit (from 1 to 0). “It’s a carefully chosen bit, you have to know the right bit to flip,” explained researcher Federico Maggi. “Once you can fool the network to think a component is sending out too many errors, even though it isn’t really sending out errors, after a while it will get isolated so it can’t send or receive messages.”
In their tests, first carried out in 2016 ahead of their research first presented last month at the DIMVA conference in Bonn, Germany, the hackers exploited an Alfa Romeo Giulietta to make the parking sensors unusable, having obvious ramifications for the safety of the driver. Fiat Chrysler, the owner of Alfa Romeo, hadn’t provided comment at the time of publication. They’ve also released proof-of-concept code and a paper to prove the attacks work.
But there’s a significant caveat that should offer drivers some comfort: the attacks require the hacker either have direct access to the vehicle’s network by plugging in a laptop, or be sitting on a remotely exploitable vulnerability allowing them to rewrite the firmware of an ECU. Neither scenario is impossible, but currently unlikely in a real-world scenario.
Charlie Miller, who showed off a remote attack on a Jeep in 2015 and is now working at GM’s self-driving car division, said on Twitter the hack would be hard to carry out remotely.
I think doing this as part of a remote attack chain is harder than the authors make it out to be. I’d be surprised to see this in practice.
— Charlie Miller (@0xcharlie) August 16, 2017
But Miller agreed car manufacturers should be making efforts to address the concerns, given the difficulties with detecting attacks. As the researchers warned, it would take a monumental effort to address the issues. “Realistically, it would take an entire generation of vehicles for such a vulnerability to be resolved, not just a recall or an OTA (on-the-air) upgrade,” they wrote in a blog post. A fix would require an update CAN standards and then every car maker to implement the new protocols, they claimed.
Maggi said some car manufacturers could have defended against the researchers’ exploits by using a segmented network that meant ECUs couldn’t be shut down when the on-board network was convinced it was putting out error messages. Eric Evenchick, a former Tesla employee who also contributed to the paper, said that despite Trend Micro’s claims to the contrary, it was unlikely airbags could be disabled by the hack as they didn’t rely on the CAN for deployment.
Nevertheless, it’s another timely reminder for car manufacturers to continue improving their security as remote attacks become more of an imminent threat.