Wednesday 29 July 2015

Car Hack Uses Digital-Radio Broadcasts to Seize Control


Car Infotainment System Vulnerable to Hack Attack

According to a leading security company, most of the car infotainment systems tend to become vulnerable to a hack attack which could probably put many lives at risk. NCC Group had stated that the activity could be utilised in taking control of a vehicle’s brakes as well as the other critical systems.

BBC had been informed by the Manchester based company that it had generated a way of carrying out the attacks by sending data through digital audio broadcasting – DAB, radio signals. This coincides with news of a related flaw by two US researchers. Chris Valasek and Charlie Miller had shown Wired magazine how control is overtaken of a Jeep Cherokee car by sending data to its internet connected entertainment as well as navigation system through a mobile phone network.

Chrysler has also released a patch to address the problem but NCC’s work that has been limited to its lab indicated a broader issue. UK’s Society of Motor Manufacturers and Traders have replied stating that the car companies, `invest billions of pounds to keep vehicles secure as possible’.

Infotainment Systems Process DAB Data for Text & Pictures - Dashboard

Part of its technique had been demonstrated by NCC to BBC Radio 4’s PM programme at its office in Cheltenham. Andy Davis, the company’s research director had used relatively cheap off-the-shelf gears that were connected to a laptop and created a DAB station. Since infotainment systems process DAB data in displaying text and pictures on car dashboard screens, an attacker could send code which could enable them take over the system and once the infotainment has compromised, an attacker could possibly utilise it as a means of controlling more critical system which could include the steering as well as the braking.

Based on the power of the transmitter, Davis states that a DAB broadcast could enable attacker in affecting several cars at once. He further added that `as this is a broadcast medium and if there is vulnerability in a particular infotainment system in a specific manufacturer’s vehicle, on sending one stream of data, one could attack several cars at the same time. An assailant could perhaps even choose a common radio station in broadcasting over the top of, to ensure that they have reached the maximum number of target vehicles’

Modern Cars – Computer Networks on Wheel

Mr Davis had refrained from publicly identifying which of the specific infotainment system he had hacked at that point. Modern cars, in several ways are computer networks on wheel. Mike Parris of SBD, which is another company that concentrates in vehicle security, stated that modern cars usually comprises of 50 interlinked computers that run more than 50 million lines of code and that by contrast, Davis had commented that a modern airliner has around 14 million lines of code.

Such a kind of technology enables the latest cars to carry out automatic tactics, for instance, a driver could make the vehicleparkparallel at the touch of a button.He also said that he had faked his DAB based attack only on an equipment in his company’s buildings since it would have been illegal as well as unsafe in doing so in the outside world.

However he added that he had earlier compromised a real vehicle’s automatic braking system which had been designed in order to prevent it from crashing into the car before it, by modifying an infotainment system which he believed could have been duplicated through a DAB broadcast.

No comments:

Post a Comment

Note: only a member of this blog may post a comment.