Technology has accelerated the pace in which vehicles provide mobility and convenience. Nowadays, it’s common for connected cars to let their users have instant access to navigation and traffic data, play desired media content, and get up-to-the-minute weather and collision alerts, among other capabilities — thanks to connected technologies such as vehicle-to-everything (V2X) communication and various internet-powered applications and services.

Connected cars are becoming more and more common. There will be 152 million connected cars worldwide before 2020 comes to a close, according to one forecast, while the number of connected cars will reach 700 million in 10 years, according to another. Autonomous or self-driving cars are estimated to account for 10% of automobile purchases by 2034.

With more and more people relying on connected car technologies for safety, accessibility, and infotainment — and with connected cars producing up to 30 terabytes of data each day — it’s important to keep connected cars protected against a range of ever-evolving risks and threats.

Our research paper “Driving Security Into Connected Cars: Threat Model and Recommendations” offers an examination of the cybersecurity blind spots of connected cars to help developers and manufacturers create secure as well as smart vehicles.

Threat model for connected cars

Connected cars are part of intelligent transportation systems (ITSs), and as ITS adoption continues to grow, so does the range of ever-increasing and ever-progressing cyberthreats that could affect connected cars. In fact, there have been published papers and articles that discuss how connected cars could be hacked. However, only a small number of them examine remotely executed attacks. In our research, we studied several cases of such attacks — specifically, attacks that successfully compromised at least one electronic control unit (ECU) in the target car, allowing attackers to tamper with vehicle functions. In studying these cases, we acquired a better understanding of the tactics, techniques, and procedures (TTPs) used by hackers in remote attacks on connected cars, which we then applied to our threat modeling analysis.

Our threat model sheds light on the remote attacks that could be launched against and/or from the victim vehicles. With it, we have identified a number of attacks and classified them as low-, medium-, or high-risk using the DREAD (damage potential, reproducibility, exploitability, affected users, discoverability) threat model. The following visualization describes the attributes of an example attack for each risk level.

LOW RISK

LOW-RISK ATTACKS require a high level of technical skills and an in-depth knowledge of connected car platforms. Given their specialized nature, they would affect only a small percentage of everyday users.

Damage potential: High

Reproducibility: Low

Exploitability: Low

Affected users: Low

Discoverability: Low

Remotely transmitting and installing malicious firmware and/or apps

MEDIUM RISK

MEDIUM-RISK ATTACKS require skilled operators with fundamental knowledge of the target systems, and they can be reproduced, but only within set limitations.

Damage potential: High

Reproducibility: Low

Exploitability: Medium

Affected users: Medium

Discoverability: Medium

Sending incorrect or improper commands to back-end intelligent transportation systems

HIGH RISK

HIGH-RISK ATTACKS require only a limited understanding of the inner workings of a connected car and can be pulled off by a low-skilled attacker. They exploit vulnerabilities found in the most commonly used applications and systems.

Damage potential: High

Reproducibility: High

Exploitability: High

Affected users: Low

Discoverability: High

Electronically jamming a connected car’s safety systems, such as radar and lidar

DASHBOARD MENU

Click to see risk level description and example.

Temp: 71.6oF

Battery: 66%

Oil: OK

Wi-Fi: ON

GPS: ON

Bluetooth: OFF

Connected cars are part of the internet of things (IoT), and given the continuing expansion of the IoT and the ever-increasing volume of disruptive and destructive cyberattacks, connected car cybersecurity should be made mandatory and should be considered a fundamental aspect of V2X architectures and frameworks. Developers and manufacturers should build security into the various connected technologies used in connected cars, and they should have better visibility over the entire connected car ecosystem so as to keep connected cars running smoothly and securely.

We discuss in depth our analysis of cybersecurity risks and threats to connected cars and give guidelines for protecting these vehicles in our research paper “Driving Security Into Connected Cars: Threat Model and Recommendations.”