An increasing demand is being put on automobile manufacturers to move to autonomous vehicles or connected cars that require connectivity to back-end systems for pushing updates to the car’s computer system that previously required a trip to your local dealership. Infotainment systems and electronic control units are being implemented by these automakers that leverage connectivity through Bluetooth, WIFI, and cellular baseband networks for that connectivity creating an attack surface as a result of security being an afterthought to design and functionality. The vulnerabilities discussed in this presentation are exploitable and were found over the past few penetration tests performed of European automakers, and electronic control unit (ECU) and infotainment manufacturers who retained Alissa Knight to perform this testing. Because the vulnerabilities allow interception of messages between the manufacturer’s backend servers and the ECU which is connected to the CAN bus of the automobile, we will demonstrate how it’s possible to intercept, decrypt, and replay modified messages to the ECU that can result in remote control of the car.
Solutions for how to address these risks and treat them to an acceptable level will be discussed.