Automotive cybersecurity vulnerabilities
The automotive industry is evolving. Manufacturers are constantly expanding vehicle capabilities and increasing their connectivity. But with new technologies come new security threats. As vehicles become more advanced, the number of vulnerabilities and attack vectors that adversaries can exploit also increases, which threatens numerous sectors of the ecosystem.
There are two key areas that an attacker could target: the technology within the vehicle itself, and business-critical systems.
Vehicle vulnerabilities
A cyber attack on a vehicle could have catastrophic consequences, with attackers targeting areas such as:
- Vehicle safety: The ability to start and stop a vehicle’s engine fully remotely.
- Vehicle security: Some vehicles now have fully remote locks which can be exploited by attackers.
- Vehicle tracking: The ability to retrieve vehicle locations via GPS.
- Data protection of customers’ private information: Fully remote account takeover via a victim’s email address. Stolen information could include full name, phone number, email address and home address.
These are the biggest vulnerabilities that a connected vehicle may face; however, they are only the tip of the iceberg in terms of potential vulnerabilities.
Business system vulnerabilities
Adversaries can also target business systems, bringing operations to a complete stop. Many businesses have been forced to completely shut down their network, causing huge disruption to services. The most prevalent types of attacks on the automotive industry include, but are not limited to:
- Ransomware: An attacker deploys malware that encrypts your sensitive data. They then demand a sum of money to restore access, usually with a time-sensitive threat to leak the stolen data.
- Data breaches: A security violation in which an attacker gains unauthorised access to sensitive or confidential data; this can quite often tie in with ransomware. It can be very costly for an organisation if sensitive data is leaked, as financial penalties can be issued under the Data Protection Act.
- Distributed Denial of Service (DDoS): The aim of this attack is to disrupt traffic to an organisation’s online operations. It involves an attacker using resources from multiple remote locations to flood web resources, denying access to legitimate users.
For a better understanding of security risks, we can examine recent real-world cyber attacks which utilised some of these methods.