the evolving threat landscape – from connected cars to ...s3. attackers’ interest in...

Download The Evolving Threat Landscape – From Connected Cars to ...s3. Attackers’ Interest in Cars Connected

Post on 29-May-2020

0 views

Category:

Documents

0 download

Embed Size (px)

TRANSCRIPT

  • The Evolving Threat Landscape –

    From Connected Cars to Autonomous Cars June 2016

  • Ransomware Recent News

    2 Connected Cars 2016

    “The Growing Threat of Ransomware” – PC, 13th April 2016

    “Incidents of Ransomware

    on the Rise” – The FBI, 29th April 2016

    “Michigan Electricity Utility Downed

    by Ransomware Attack” – The Register, 3rd May 2016

  • Ransomware on Increase

    Symantec – Internet Security Threat Report (ISTR) April 2016

    Connected Cars 2016 3

  • Ransomware – The Future of Car Theft?

    4 Connected Cars 2016

    Theft FROM Vehicle

    Theft OF Vehicle

    And Now…

    Theft OF USE OF Vehicle

  • Who Wants to Attack Cars?

    5 Connected Cars 2016

    P O P U L A T I O N

    C A

    P A

    B I

    L I

    T I

    E

    S

    Organised

    Crime

    Groups

    Hacktivist

    Groups

    Disgruntle

    d

    Employees

    Lone

    Hackers

    M O T I VAT I O N

    C o n t r o l

    F i n a n c i a l

    D a t a

    D e s t r u c t i o n

    D i s r u p t i o n

    F a m e

    Government

    Backed

    Hackers

  • Well-Known Hacker Groups

    6 Connected Cars 2016

    Government

    Backed

    Hacktivist

    Groups

    SYRIAN

    ELECTRICAL

    ARMY

    Responsible for several high-profile

    DDoS attacks, including Sony

    PlayStation Network and Microsoft

    Xbox Live services in December

    2014

    Small group focused on attacking

    western media, believed to be

    backed by Russian hackers

    ANONYMOUS LIZARD

    SQUAD CYBER CALIPHATE

    Best known for DDoS

    attacks on PayPal, VISA

    and Mastercard

    TARH ANDISHAN THE DUKES

    Believed to be using malware

    toolsets for the Russian

    Federation for intelligence

    gathering

    Iran-backed hackers attacking

    government industry networks

    mainly in USA and South Korea.

    Small group of Syrian

    enthusiasts hackers, who are

    best known for attacking western

    media outlets.

  • Attackers’ Interest in Cars

    7 Connected Cars 2016

    “Two years ago, a report

    issued by a future-minded

    group within the FBI warned

    that criminals might use

    autonomous cars as lethal

    weapons.”

    - Federal Bureau of Investigation,

    FBI

    “There is mounting evidence

    that ISIS is developing self-

    driving vehicles for the

    purpose of using them as

    self-guided car bombs.”

    - Mikko Hypponen, Chief Research

    Officer of F-Secure Corporation

  • Overview of Attack Points

    8 Connected Cars 2016

    SBD has identified over 50 generic attack points that

    hackers can exploit in order to hack a car.

  • Essential Technology to Support Autonomy

    9

    Camera Ultrasonic Radar LiDAR (short range)

    Complex Sensor Fusion

    Connected Cars 2016

  • Example Connected Car Architecture

    10

    C lo

    u d

    S e

    rv ic

    e s

    S e

    c u

    ri ty

    G a

    te w

    a y

    V e

    h ic

    le C

    o n

    tr o

    l E

    x te

    rn a

    l In

    te rf

    a c e s

    OFF-BOARD

    TSP CONTENT

    PROVIDERS

    TCU

    GATEWAY

    ON-BOARD

    POWERTRAI

    N

    DOMAIN

    IVI

    CONTROL DOMAINS

    CHASSIS

    DOMAIN

    BODY

    DOMAIN

    Connected Cars 2016

  • Example Autonomous Car Architecture

    11

    C lo

    u d

    S e

    rv ic

    e s

    S e

    c u

    ri ty

    G a

    te w

    a y

    V e

    h ic

    le C

    o n

    tr o

    l E

    x te

    rn a

    l In

    te rf

    a c e s

    OFF-BOARD

    TSP CONTENT

    PROVIDERS

    TCU

    GATEWAY

    ON-BOARD

    POWERTRAI

    N

    DOMAIN

    IVI

    CONTROL DOMAINS

    CHASSIS

    DOMAIN

    BODY

    DOMAIN

    SENSOR

    FUSION

    AI

    Connected Cars 2016

  • Example Autonomous Car Architecture

    12 Connected Cars 2016

    ADAS SENSOR

    FUSION

    Powertrain Infotainment Convenienc

    e

    Chassis

    CENTRAL GATEWAY MODULE

    Gearbox ECU

    EMS

    Accessory Power

    Management

    Fuel Pump

    Suspension

    Control

    Steering

    Control

    Dynamic

    Stability Control

    Brake Control

    ABS

    Driver Monitoring

    Switch Pack

    Anti-theft

    System

    Door Module

    Telematics Control

    HVAC

    Seat Control

    Head-up

    Hi-Fi Amplifier

    Head Unit

    Rear-Seat

    Entertain.

    Instrument Cluster

    CAN

    Ethernet

    FlexRay

    CAN

    MOST Ring

    Driving Assistance

    • OTA Update

    • Real-time Traffic

    Updates

    • V2X

    • Cloud Computing

    • AI

  • On-board Deep Learning

    Sample AI functionalities

    Increasing number of data and

    performance computing

    Connected Cars 2016 13

    ADAS-equipped cars Autonomous or Highly

    Automated Cars

    Car2Car

    Communication

    Large number of ADAS-

    equipped cars can contribute to

    AI by observing the environment

    Embedded (on-board) AI Sensor

    s

    Data Models (“AI”)

  • Potential Attacks to Autonomous Cars

    14 Connected Cars 2016

    Spoofing Tampering Repudiation

    Denial of Service

    • Disable/enable ADAS

    functions or autopilot

    by flooding the ADAS

    Sensor Fusion.

    • Trick sensors to

    retrieve incorrect data

    by either attacking the

    sensors directly or the

    sensor data.

    • Delete/tampered

    logged activities to

    deny the truth of an

    accident while using

    autopilot.

    • Modify map data on

    delivery server by

    intercepting network

    traffic between

    supplier and delivery

    server.

    Elevation of Privilege

    • Gain complete control

    of ADAS Sensor

    Fusion by using

    diagnostic commands.

    Information Disclosure

    • Get access to private

    personal data used in

    the car such as recent

    calls.

  • Increasing Autonomy in Modern Cars

    15 Connected Cars 2016

    • Superficially the differences

    in attack surface between

    Levels is marginal.

    SAE

    Level 0 1 2 3

    No

    Automation

    Driver

    Assistance

    Partial

    Automation

    Conditional

    Automation

    High

    Automation

    Full

    Automation

    4 5

    BUT…

  • Increasing Autonomy in Modern Cars

    16 Connected Cars 2016

    • The impact level

    difference between Level 3

    and Level 4 is HUGE!

    Why? There is no driver fall-back!

    SAE

    Level 0 1 2 3

    No

    Automation

    Driver

    Assistance

    Partial

    Automation

    Conditional

    Automation

    High

    Automation

    Full

    Automation

    4 5

  • Evolving Threat Landscape

    17

    Security

    Level

    Requirement

    Level

    `

    Connected Cars 2016

    Impact Level – Largely Technology Independent

    Threat Level – Largely Technology

    Dependent

    NOT CONNECTED CONNECTED CONNECTED &

    AUTONOMOUS

  • Key Takeaways

    18 Connected Cars 2016

    1

    2

    3

    4

    Cyber Attacks Increasing

    Technology In Cars Increasing  Attack Surface

    Increasing

    As Driver Is Removed  Attack Impact Level Increasing

    STANDARDS – METHODOLOGIES –

    COUNTERMEASURES

    Increasing the need for:

  • More about SBD

    The largest team of in-car

    technology specialists

    recruited from over 10

    OEMs & suppliers

    To be the world-leading

    knowledge partner for the

    automotive industry

    Model-level databases

    Technology forecasts

    Supplier intelligence

    Market regulations

    News analysis

    Expert UX testing

    Consumer UX testing

    Iterative prototype evaluation

    KPI setting

    Cyber security testing

    New market entry support

    RFP/RFQ management

    M&A due diligence

    Strategic workshops

    Supplier positioning support

    95% of OEMs 65% of Tier-1s 60% of Service Providers

    SBD NA (Michigan, USA)

    SBD EU (