May 22, 2015
Executive Editor of Dark Reading, Kelly Jackson Higgins, reports on the Virginia working group studying vulnerabilities in automobiles and building solutions to detect and protect against vehicle hacking and cyber threats.
As part of the working group of private companies and government agencies, Mission Secure takes a leading role in the work to protect vehicles from today's and future cyber threats.
The concern is that criminal or terrorist groups, for example, could physically tamper with state police vehicles to hamper investigations or assist in criminal acts by messing with the car's acceleration, or deploying airbags while the vehicle is driving at a high speed, for example, says David Drescher, president of MSi, a member of the project team. "What we're going to be doing is carrying out … these attacks on a car to show that yes, you can cut off the engine [via] the CAN bus," for example, Drescher says.
Drescher says other states and localities are taking an interest in Virginia's project. The project will conclude in July, with an assessment of the possible hacks of the vehicles and as well as a report on technologies for detecting a cyberattack on a vehicle. "Today we have no way to know if a car was" hacked," Drescher says. "We're going to see if there's a way to collect more data across the CAN bus" for forensics and detection purposes, he says.
"The primary focus is on the attacks themselves, rather than how they are delivered. Our primary attack will be through the OBDII port," with various tethered tools or a device that connects to the OBDII port and transmits via Bluetooth or WiFi, he says.
The researchers may also simulate a remote RF-based attack test as well, he says. But since the State Trooper vehicles being tested are older models and not as networking-equipped, the remote testing may be limited to things like Bluetooth and tire pressure-monitoring system attacks that other researchers have already revealed.
Check out the full article on DarkReading!