Since the global outbreak of ransomware in May, its astonishing destructive power has affected hundreds of thousands of users in hundreds of countries and regions. Many companies have been forced to interrupt their operations or stop production, including world-renowned automobile manufacturers such as Honda and Nissan. On June 21, Honda announced that, because of the ransomware attack, the Sayama plant in Tokyo would suspend production for one day on the 19th. Honda is not the first automaker to be hit by ransomware. As early as May, when the outbreak had just started, Renault and Nissan were attacked, resulting in the suspension of production at several factories of the Renault-Nissan Alliance in Japan, the United Kingdom, France, Romania and India.

Although these "suspended" companies soon resumed normal operations, the incidents sounded a warning to other car companies: ransomware is now invading the factory. As cars become more intelligent and more networked, as more in-car networking components are added, and as more cars on the road are connected to the Internet, will ransomware attack the vehicle itself directly? In the face of an increasingly open in-car environment, how should car companies and parts manufacturers ensure the information security of cars? And once such attacks occur, how should car companies or consumers respond?

Focusing on these possible future scenarios, many experts recently held an in-depth discussion on the theme of "Intelligent Connected Vehicle Information Security" at the China International Intelligent Connected Vehicle Technology Annual Conference (CICV 2017), giving their views on the main information security threats faced by intelligent connected vehicles and the corresponding solutions.

Which parts are most vulnerable to cyber attacks?
In September 2016, Tencent Keen Lab announced that they had successfully hacked into Tesla cars in a "remote and non-physical contact" way, thereby remotely controlling the parking and driving status of the vehicle. In April 2017, a cybersecurity company said that there was a vulnerability in the Hyundai car app that allowed hackers to remotely start Hyundai's cars. Hyundai confirmed the existence of this vulnerability. In June, software security engineer Jay Turla launched an open source network attack project on Mazda cars, allowing anyone to use a USB flash drive to execute malware code on Mazda cars...

With more and more connected components in cars, network security issues like these are happening more and more frequently. Car companies and component manufacturers need to master the necessary security protection technologies for smart connected cars. So how can cars be effectively protected from hackers? To answer this question, we must first understand which parts of smart connected cars are most vulnerable to attack.

Wang Yinan, from the Artificial Intelligence Room of the Intelligent Connected Vehicle R&D Department of FAW Technology Center, believes that the attacks faced by intelligent connected vehicle systems come mainly from two directions: internal attacks and remote attacks.

Internal attacks are mainly caused by defects in the intelligent connected vehicle itself, such as insufficient security of the bus, gateway, ECU, etc. Specifically, there are two types: attacks through vulnerabilities on the bus, and local attacks carried out by forging ECU nodes on the vehicle.

Remote attacks arise mainly because the continuous improvement of automobile networking and intelligence has increased the number of communication channels between the car and the outside world, which invisibly increases security risks. Depending on the point of attack, there are several cases: indirect physical access attacks through USB ports, CD players, OBD ports, etc.; short-distance wireless access attacks through mobile phones, Bluetooth, V2X communications, cameras, etc.; long-distance direct attacks using web browsing and telephone communications; and long-distance indirect attacks through app stores.
Liu Ding, a senior security researcher at Bangbang Security, has a similar view. He believes that in the future, smart connected cars will face 12 information security threats at four major levels: cloud, transmission, terminal, and external. Cloud threats mainly involve malicious theft or tampering with data stored by car owners on the cloud platform, or destruction of its integrity. Transmission threats arise when cars are interconnected with the outside world through V2X technology: if network encryption and authentication are insufficient, attackers can easily use false messages to induce vehicles to misjudge, affecting automatic vehicle control. Terminal node layer threats refer to attacks launched through the T-BOX, terminal upgrades, the vehicle-mounted OS, sensors, in-vehicle network transmission, the vehicle-mounted terminal architecture, etc. Finally, external threats mainly come from mobile apps or from related attacks through charging pile information.

It can be seen that the experts have basically reached a consensus on where smart connected cars are vulnerable to attack, even though they describe it differently.

Cyber attacks are "everywhere". How to counter them?

As the level of automobile intelligence and networking continues to improve, the types and number of on-board terminals have increased significantly, and there are more and more places on the car that can be targeted by cyber attacks. Although cyber attacks on cars are so far only individual cases, and have not caused a large-scale outbreak with adverse effects like the ransomware did, they should not be underestimated. In particular, as intelligent and connected cars increasingly enter mass production, car companies and component manufacturers must think ahead and formulate preventive measures.
According to Wang Yinan, FAW, as a representative of vehicle manufacturers, mainly formulates protection measures against vehicle network attacks according to functional area. He believes that, in terms of architecture, intelligent networked vehicles can be divided into four functional areas: basic control functional areas, such as sensor units, chassis systems, etc.; extended functional areas, such as telematics, infotainment management, body systems, etc.; external interfaces, such as LTE-V, Bluetooth, Wi-Fi, etc.; and external functional areas, such as mobile phones, storage, various diagnostic instruments, and cloud services. Each functional area has different definitions and requirements for security. It is necessary to define a reasonable and standardized system architecture, isolate the functional areas from one another, and strictly control the flow of information between them, including access identity authentication and data encryption, to ensure the safe transmission of information. This achieves the high availability and convenience of intelligent driving functions while protecting the privacy of user information.

In this process, the T-BOX is one of the interfaces between the car and the external network, so ensuring its security is crucial. Wang Yinan believes that car companies can build a secure T-BOX system from the perspectives of identity authentication, data security, gateways and firewalls, key management, and firmware security. In addition, backend servers, mobile apps, and OTA updates also need anti-attack measures formulated according to their respective work scenarios. Whatever the component, however, identity authentication and data security are the most basic requirements.

Lv Xinhong, an automotive security consultant from Qihoo 360, suggested that automakers should ensure the safety of cars throughout their entire life cycle, from security to safety.
He believes that at this stage, the main cybersecurity risk facing cars comes from the rapid iteration of hacker technology, while automakers lack professional information security organizations, security management mechanisms, necessary security technologies, and security operation personnel. They therefore need to formulate preventive measures from multiple aspects, such as information security operations, technologies, and strategies. Specifically, full life cycle security assurance is implemented in 6 stages:

- the project planning stage, in which it is necessary to comprehensively analyze the security risks faced by the Internet of Vehicles and plan a safe route;
- the engineering design stage, mainly to control the security of suppliers' products, strengthen access rights management for the vehicle network, and ensure the security of the network environment and remote control;
- the sample production stage, in which Internet of Vehicles problems are discovered in time through the implementation of executable security inspection mechanisms;
- the test and evaluation stage, whose main task is to prevent Internet of Vehicles platform and car safety issues before the vehicle goes on the market;
- the batch production stage, in which batch security testing can be carried out with tools;
- the product delivery stage, mainly to provide early warning of security attack incidents, and to monitor and operate the safety of vehicles across the country.

These stages are linked together, and corresponding preventive measures are specified at each stage to improve vehicle safety.

Technical prevention is important, and regulatory support is also indispensable

Of course, to better guard against cybersecurity threats, policy regulations and guidance are indispensable in addition to the efforts of car companies and parts manufacturers. According to Professor Luo Lei of the University of Electronic Science and Technology of China, relevant guidance documents already exist at home and abroad. For example, in October 2016, the U.S. National Highway Traffic Safety Administration issued "Modern Automotive Information Security Best Practices", another important guidance document for intelligent connected vehicles after the "Autonomous Driving Vehicle Policy" issued in September 2016. It provides guidance on cybersecurity work in the automotive industry from two perspectives: general cybersecurity guidance and cybersecurity guidance specifically for the automotive industry.

In China, the Intelligent Connected Vehicle Industry Technology Innovation Strategic Alliance has been established, with automotive network and information security as a focus of attention. Work related to intelligent connected vehicles has also been carried out through the National Automobile Standardization Committee. In addition, in February this year, the Automotive Information Service Industry Application Alliance released the first domestic Internet of Vehicles network security white paper, which introduced the development of domestic Internet of Vehicles network security, the challenges it faces and its future development direction. Also released was the "Guidelines for Internet of Vehicles Network Security Protection (Draft for Comments)", which is based on the "Cybersecurity Law of the People's Republic of China" and other laws, is combined with the industry development of the Internet of Vehicles, and takes the establishment of an integrated Internet of Vehicles protection system as its core. It clarifies the requirements for network protection in 11 aspects and 38 points, and is of great reference value.

Summary: At present, automobiles are becoming more and more open to networks, and there are more and more places that are vulnerable to cyber attacks by criminals.
In this context, to create a safe environment for the use of intelligent connected vehicles, car companies and terminal and parts manufacturers must start from the three levels of end (terminal), pipe (transmission channel) and cloud, and formulate reasonable preventive measures according to the characteristics of each level. In addition, the guidance and specifications provided by intelligent connected vehicle information security standards, laws and regulations are also indispensable. Only when multiple parties work together, with technology and regulations going hand in hand to actively promote the implementation of automobile information security technology, can we hope that intelligent connected vehicles, once deployed on a large scale, will be kept away from attacks such as ransomware and become our real "travel assistant"!

Source: Gasgoo.com