+ Publier publicitaire GRATUIT !
Stats d'annonce: Dernier 24h - 105, actuel - 1395, total - 81469

Cars Aren't Target for Hackers; They're Gateway to Higher-Profile Attacks

24 Février 2015 - Autoblog

Cars Aren't Target for Hackers; They're Gateway to Higher-Profile Attacks

Cyber threats have emerged as a big concern for automakers, as researchers have exposed serious holes in vehicle security that could allow hackers to commandeer cars. Those worries might be small compared to what's ahead.

Cars themselves won't be the end game for hackers in the near future, a leading cyber-security analyst said Tuesday. Instead, they'll be used as mobile gateways to hack more prominent targets.

"My biggest fear is we'll see an example of an attack where a car was used to hack into something else," Dr. Anuja Sonalker, lead scientist and program manager at Battelle, tells Autoblog. "All the pieces are there. It's a matter of time."

She spoke at a conference sponsored by the Center for Automotive Research, at which industry leaders sought answers for these cyber attacks following a spate of high-profile problems that have cropped up in recent months.

So far, vehicle hacks have remained within the realm of white-hat researchers, who have demonstrated the ability to remotely control critical safety functions like steering, braking and acceleration, as well as unlocking doors and overriding driver inputs.

Real-world attacks on cars have not yet occurred, experts say, at least partially because the research is both time-consuming and expensive. It can take months of intricate planning to infiltrate a single car, and for hackers with malicious intent, there's ultimately little incentive.

But Sonalker and others foresee trouble. Security vulnerabilities in today's cars provide hackers with attractive entry points, and the connectivity automakers are rushing into their fleets outfit them with the means to spread their malware elsewhere.

"They're trying to springboard off into launching something bigger," she said. "Nobody is going to hold it against you now that your car is hackable. It's understood that it is. Now it's about how do we protect the ecosystem around it, because if we can't, it's going to lead to large-scale disastrous effects."

New Targets, Same As Old Targets?

Sonalker has studied the problem for the past two-and-a-half years at Battelle, a national nonprofit research and development organization based in Columbus, OH. While white-hat researchers have identified cyber threats in individual industries, she's in a unusual position because she can see how they potentially fit together across fields.

In a modest attack scenario, she believes hackers will use cars as the point of origin to carry out attacks against the same high-reward prey seen in the headlines today. Attacks against the likes of Target, Anthem and Sony will simply be carried out via the connected car.

It's that connectivity that complicates things. Even if automakers design their cars with the best-possible armor, the security measures are often only as useful as the security on the smartphone a driver brings into the car.

"There's a lot of functionality through apps on your phone," said Praveen Narayanan, research manager at Frost & Sullivan. "Today, that's the first point of attack."

For example, if a motorist pairs a smartphone with Bluetooth, researchers believe a hacker could use banking information on the phone to breach security at a banking institution.

While financial motivations may lie at the heart of many cyber attacks, the car does present more malevolent opportunities beyond money.

Targets Range Beyond Vehicles

Electric vehicles are plugged into both private and public chargers, and security measures may be inadequate to protect infrastructure from problems. Could a black-hat hacker disrupt a regional power grid if they navigate those connections?

"You have an infected car connected to infrastructure in a legitimate way," Sonalker said. "It has legitimate access to that infrastructure. So all the security mechanisms will work flawlessly. Your car will be authenticated, but it has stuff on it that's bad for the system."

The opposite is also true. Hackers could breach security in infrastructure and work backward into cars. University researchers infiltrated traffic lights in a study conducted last year, and tinkered with signals unabated. In a connected-car world, that sort of hack could be extended into something more nefarious.

Vehicle-to-vehicle and vehicle-to-infrastructure communication systems now being developed by the federal government are supposed to keep drivers safer by relaying information on traffic and road conditions ahead. But they rely on information being accurate. If misleading information is injected into the system, the consequences for drivers could be severe.

Scale Of Attack Depends On Range Of Connection

The size of an ensuing catastrophe is correlated with the range of the connection.

Bluetooth connections have a reach of 25 yards. Wireless connections have a reach of 100 feet. But in a world where General Motors and others are introducing 4G LTE connections into cars and many automakers are fixing software glitches with over-the-air updates. These tools are useful, but they broaden the scope of a potential malicious attack.

BMW used over-the-air updates in recent weeks to implement a fix for security holes in its remote-services system that affected 2.2 million cars. If a hacker could piggy-back on such an update, a fleet-wide attack could be generated. Black-hats are close.

"I think they have the pieces," Sonalker said. "If you follow the last several years, they've demonstrated successful hacks into cars, health-care devices, pacemakers, TVs, everything. So the pieces are there, and the internet of things is not going away. It's here."

Nouvelles par Tags

2011 models2012 models3D printing458 italia6-series coupeA1A2abc motorsabu dhabiaccidentaccidentsaccordACIMacuraadvertisingafricaAIairbagairbagsairbusairportalcotestalfaalfa romeoalgeriaalpineamazonamphibiousandroidAnil Bachooappappleappointmentsappsarabiaargentinaarnold schwarzeneggerArtashok leylandasiaastonaston martinauctionaudiaustraliaaustriaautoauto shanghaiauto showautonomous carautonomus carAutopilotaventadorawardsAxessBagatellebahrain grand prixBAIBaie-du-TombeaubajajBangkok International Motor ShowBangkok Motor ShowBangladeshbatmobilebatterybattlebeachesBeau-BassinbeetleBeijing Motor ShowBelgiumbentleybernie ecclestonebetamaxbetamax casebicyclebicyclesbikebikesbiodieselbmwboatboatsBogota Auto ShowBois-Marchand accidentBologna Motor ShowbondboschBPObrabusbrakesbrazilbribebribesbridgestonebriobudgetbugattibuggybuickburnoutbusbusesbuyingbydcadillaccalebassescamaroCanadacarcar buying tipscar dealerscar importcar marketcar rentcar rentalcar salescar servicecar sharingcar theftcar washcarbon fiberCarPlaycarscartingCaudanCCIDCCTVCEBcelebretiescelebritiesCESChamp de MarsChamp-de-MarsChengdu Motor ShowcherychevroletChicago Auto ShowchinaCHINESE GRAND PRIXChris Evanschryslercitroencivicclassicclassic carsclassicscommercialcomparisonconceptconceptsconsumer reportsconvertiblecoromandelcorruptioncorvetteCourtCourtsCPBcr-vcrashcrash testcrash testscrossovercrowdfundingCubaCurepipecustom carCUVCWAdaciadaihatsudaimlerdakardartzdash camdashcamdatsunDelhi Auto ExpodesignDetroitDetroit Auto Showdieseldiesel scandalDIYDLCdodgeDPPdragdrag battledrag racedrag racingdriftdriftingdriverless cardrivingdriving licensedriving schooldriving schoolsdriving testdriving tipsdronedronesdrugsdrunk drivingdsDubaiDubai Motor ShowducatiearthquakeEbayebeneecoecologyeconomyelectricelon muskengen motor showengineenginesEOCethanoletios livaEUEuropeeveventsexpofacebookfakeFast And FuriousFernando AlonsoferrariferryfiatfiestafilmsfinancesfinefinlandFirefiskerfitness centerFlacqFlic-en-FlacFloodsflying carFootballForbach accidentforce indiafordformula1forza motorsportFrancefrankfurtfrankfurt motor showfraudFSCfuelfuel economy scandalfuel pricefuel stationfuel stationsfunnyfutureGaikindo Indonesia International Auto ShowGaikindo Indonesia International Motor ShowgamesgeargeelygenesisGeneva Auto Showgeneva motor showGermanygirlsgmgodzillagolfGoodlandsgoodwoodgooglegoogle glassGoProgovernmentgpsgran turismogrand tourgreat wallgreecegreengreen energygrnoGRSE accidentGTAGymkhanahackershakershamannharley-davidsonHatchbackhellcatherohistoryhitachiholdenHollandHollywoodhondaHong Konghorsepower falsifyinghospitalshot wheelshotelhotelshoverbikehoverboardhow toHuayrahummerhumorhurricanehybridhydrogenhyundaii3i40ICACiframacIIHSillegal racingIMCimportindiaIndian MotorcycleIndian OilindicaIndonesiaIndonesia International Motor Showindonesia motor showinfinitiInfinityinfrastructureinsuranceintelinteriorinteriorsiPadiphoneiranirelandIRPisraelisuzuitaliaItalyjaguarjamesjames bondJames Mayjapanjapaneese carsjapanese carjapanese carsjazzJDMjeepJeremy Clarksonjettakartkawasakikei carken blockKenyakhankiaKoenigseggkoreaKoshik ReesaulKTMLALA Auto ShowLa Vigielamborghinilancialandland cruiserland roverlawsleallegolexuslicenselight metroLionel Messilotuslow cost carLRTluxuryluxury carluxury carsm3mad maxMadagascarmahindramaintenancemalaysiamanmapsmarketmarketingmartinmarutimaruti suzukimaseratiMatt LeBlancMauritiansmauritiusmaybachmazdaMcLarenmecedesmercedesmetroMetro Expressmexicomichael schumacherMicrosoftMidlandsminimitsubishiMMMmonacomonaco grand prixMontebello accidentmontereymoparMoroccomotomotormotor showMotor vehicle test centremotorcyclemotorcyclesmotorsportmotorsportsmotosportmoviesmpvMRAmugenmuscle carMusicmustangmv agustaMVDANandanee Soornacknanonascarnavigation systemnavigation systemsNavin RamgoolamNCGNDUNepalnetherlandsnew carnew york auto shownew zealandnfsNHTSANigerianissanissannorwayNTANTCNurburgringoff-roadoffroadOlympic Gamesopelpaganipagani huayraPakistanPamplemoussespanasonicParisparis motor showparkingPebble Beachpenaltiespenalty pointsPetite-RivièrepeugeotPhilippinesPhoenixpickuppickupspininfarinapirelliPitonplayboyPNQpolandpolarispolicepoliticspollutionpontiacporscheporsheportPort LouisPort-LouisPPCPPPprankpricepricespriusproguardprotestsprotonPSApublic transportpublict transportQ3qorosquatre-bornesr8Raceracingrallyramrangerange roverratingsRDArecallrecallsrecordrecordsred bullreduitrenaultrenderingrent a carreplicaReunionRHTRiambelRichard DuvalRichard HammondrickshawrimacRing RoadrioRiviere-du-Rempartroadroad accidentroad rules & regulationsroad safetyRoad Traffic ActRoad Traffic Amendment Actroadsroads safetyrobotsRodriguesrolls-royceromeoRose-HillroverRoyal EnfieldRRSRSUrumoursRussiasaabsafetysafety ratingssafety testsafety testssalesamsungsamusao paulo auto showSao Paulo Motor Showsaudisaudi arabiascamscandalscaniaschool busscooterscootersseatsecond hand carssecond hand cars importself driving carself-drivingself-driving carself-driving carsSEMASEMA showSeoul Motor Showservice stationsShanghaishanghai motor showshelbyShellshowsingaporeskodaSlovakiasmartSobrinho caseSohail Sesungkursolar energysoreze accidentsoulsound systemssouthsouth africasouth koreaspainspare partsspeed camerasspeed limitspeedingsportSportscarspy shotsssang yongSsangYongstar warsstartupstatisticsSTCstreet racingstrikestudysubaruSudhir SesungkursudySunshine AutosupecarssupercarssurveySUVsuzukiSwedenswiftSwitzerlandTATaiwantakataTarisa Resorttatataxtax fraudtaxestaxiTBStechnlogytechnolgytechnologyTerre-RougeTerre-Rouge–Verdunteslatest driveteststhailandThailand International Motor ExpoThe Grand TourthefttipstiresTMRSUtokyoTokyo Auto Salontokyo motor showtoptop geartoyotatoystraffictrailertransformerstransporttrendstricksTriolettriumphtrucktruckstsunamituningTurkeytvstyresUAEuberUBSukukraineunionsuomuralUSused carused carsVacoasVacoas-Phoenixvanvarma casevehicle inspectionVehiclesvelostervenezuelaVictoria stationvideoVienna Auto ShowvietnamVintagevintage carsVipervivo energyvolkswagenvolvovwwheelsWorldyachtyamahayariszagato
Vendez Votre Auto