Cars have been improved drastically in a short period of time to assist drivers in dozens of areas as well as add conveniences. As more functions were added electronic systems were developed to control these systems as well as run diagnostics. The system adopted by most manufactures is called CAN (Controller Area Network). Just about every car post 2008 has this installed, some cars having upward of 30+ controllers controlling everything from anti-lock braking systems to windows. The reason it was developed is that is very cheap, but has features of more advanced protocols such as ethernet. Of course with new technology comes new dangers. This network created in cars is a trusted network, meaning if you can get connected to it, you have complete access to all the CAN traffic.
CAN is operated on packets like any other network protocol, the packet is setup as such: 11 or 29 bit identifier, 4 bit data length info, max 8 bytes of data. This simple format can be decoded using CAN databases to intercept and decipher packets information, which can be helpful as it is used to diagnose car’s systems, but can also be used to send messages of your own. This is where the problem arises, being able to send your own message could be extremely dangerous. In the video above the annoyances are demonstrated, such as making the car believe it is in a crash and tightening seatbelts, honking the horn, making the fuel seem empty/full, changing the odometer speed, or making the “service soon” light turn on. It could also be used more dangerously such as making the car believe it is still, and turning on automatic parallel parking which will suddenly jerk the car at high speeds, or disabling the breaks.
The video with the speaker above was published in 2014, but just recently he has developed an open source 60$ piece of equipment that can be plugged into the CAN network and send messages.
As of right now, the risk is low as the network is strictly wired, meaning the attacker would have to be inside your car, but we should take caution with security now as the future may hold more open networks. Insurance companies currently want to implement dongles on cars to see how safe or unsafe their customers are driving, and adjusting their rates accordingly. This dongle could possibly communicate via satellite or other wireless means to tell the insurance companies of the driver’s driving style.
Another note is autonomous cars are in the near future as tesla is about to release a new car on the market capable of driving on inner state highways by itself. This raises a huge concern in security, will these cars talk to other cars? Will the CAN systems now have wireless components, if so will they be secured? The speaker has worked for Tesla and mentioned all Tesla’s firmware was created in house under surveillance by a security team, but will that be enough.
Sources: Includes a presentation on CAN, a demo of the attacks, as well as the cheap device created by the speaker.