Cyber attacks on connected cars have doubled in the year 2018. “The security of connected cars is an urgent issue, but we need to speed up our efforts,” said Masakazu Okuda, Japan Country Manager at Cybellum, a cybersecurity company from Israel. What are the risks of a connected car? How should safety be protected? We talked to him in detail.
What is Connected Car Cyber Security?
A lot of software is used in connected cars. Therefore, it is important to protect the security of software.
Mr. Okuda said, “There are various ways to protect software. There are approaches such as firewalls that increase the barriers of defense, but if the software itself has bugs or vulnerabilities, it cannot be protected simply by adding walls. So we provide tools to scan software in connected cars and find vulnerabilities.”
He said engineers often understand “what is robust software” and “what are the vulnerabilities attacked by hackers?” and know how to deal with them. The problem is that the amount of software installed in connected cars is too large to cover all vulnerabilities.
When experts discover vulnerabilities, they are registered in databases such as Common Vulnerabilities and Exposures (CVE) and the National Vulnerability Database (NVD). 20,000 to 30,000 new vulnerabilities are reported annually in these databases.
Mr. Okuda said, “Because vulnerabilities are found at this pace, if some company releases software, dozens of vulnerabilities will be found in a few months depending on the scale. Hackers have announced the vulnerabilities. On the other hand, there are ‘undiscovered and unpublished existing vulnerabilities’ in the software. It takes months to years to fix one vulnerability. There are also new vulnerabilities coming out later. There is no ‘zero vulnerability’ day. Software providers have to respond to publicly announced vulnerabilities while also responding to undisclosed vulnerabilities.”
Ideally, development should proceed with reference to the vulnerability database from the development stage so that vulnerabilities are not introduced, and after the product is shipped the manufacturer should keep watching the database and continue to check whether newly published vulnerabilities apply to the product.
Automotive cyber security regulations
Vulnerability countermeasures throughout the development stage and the vehicle's lifetime (continuing after development) are also stipulated in the Automotive Cyber Security Regulations (UNECE WP.29 R155). The regulation was developed by the World Forum for Harmonization of Automotive Standards (WP.29), a working group of the United Nations Economic Commission for Europe.
Mr. Okuda said, “The important thing in this regulation is to ‘maintain the in-house process that guarantees the cyber security of automobiles.’ It means developing a development and review process, and keeping an eye on vulnerabilities after shipping. The organization and processes are totally regulated.”
Automotive cybersecurity regulations also reflect changes in the concept of “safety” in automobiles. Automobiles are no longer “things that should be shipped with security.” Automakers must monitor security from planning, development, production to disposal.
In addition, the stakeholders of this regulation are the final manufacturer, the parts manufacturers, the vendors, and the entire supply chain, and accountability for compliance with the regulation rests with the final manufacturer.
Is security a cost?
Automotive cybersecurity regulations guarantee the security of automobiles throughout their lifetime and are in the interests of their users. However, isn’t the burden on the automobile manufacturer side heavy?
“We cannot deny that aspect. Even if we add advanced technologies such as driving support functions and autonomous driving functions to improve safety, it is difficult to pass on such added value to prices for security measures. It is difficult to say, ‘This car will be 100,000 yen more expensive because it is compatible with the latest security,’” says Okuda.
However, if the car is hit by a cyber attack and a loss or dangerous event occurs without sufficient security measures, the reputation of the car manufacturer will be damaged.
Differentiate security for connected cars
So how do automakers discover software vulnerabilities?
“Many vulnerabilities are in the source code, so it’s possible to find them if engineers get together to review the code, but given the burgeoning amount of software today, this approach is unrealistic. In reality, it is desirable to aim for efficiency by scanning the software components embedded in the product, such as those provided by us, and utilizing the service to find vulnerabilities.”
But not all software-scanning services are good.
Okuda says, “Many IT companies now offer software checkers, but only a few are fully compatible with automotive embedded software. Since embedded software does not necessarily run on servers or PCs, software checkers that are not for automobiles often cannot support software checks for automobiles.”
So how are these companies differentiating?
According to Okuda, the major companies that currently offer software checkers for automobiles are basically offering similar technologies, and one of the differentiators is the type of semiconductor, OS, etc. that they support.
In addition, the structure of software changes depending on the product used. Therefore, the strengths and weaknesses of software checker providers also appear depending on the field.
The perspective of source code and binary code is also important when using software in the automobile industry. The source code expresses “what kind of operation you want to make” in a computer program written in a programming language. Since the machine cannot execute the source code as it is, the source code is converted into binary code that can be read by the machine.
Mr. Okuda said, “It is extremely rare for the final manufacturer of an automobile to have all the source code. Since an automobile is made up of various parts collected from suppliers, not all of the source code of each part arrives in the hands of the final manufacturer. Rather, it may be normal for the source code not to be sent.”
However, the final manufacturer has the entire binary code needed for overall control of the car. Therefore, what you can actually scan is the binary code. Binary code scanning technology and accuracy are important for scanning car software.
Mr. Okuda added, “We support binary code scanning, but some companies only support source code. Whether or not binary code is supported is also a differentiating point.”
Risks to be addressed
According to a Uswitch study, cyberattacks on connected cars increased by 99% between 2018 and 2019. How does Mr. Okuda see this?
“We believe that attacks on connected cars aren’t as high as they were feared. There is a lot of debate about ‘feasible attacks’, but ‘feasible attacks’ and ‘actual attacks’ are different things,” says Okuda. “‘Actual attacks’ occur where monetary gains are generated. Therefore, in-vehicle content distribution systems and driver’s personal information obtained from mobile information are likely to be targeted. Also, ransomware attacks using it. On the contrary, attacking a connected car and killing a driver is unlikely to happen because it is unlikely to have much financial benefit.”
Who might suffer a ransomware attack on a connected car? Mr. Okuda believes that companies and organizations that use connected cars in their businesses, such as trucking companies, will be targeted. If the company’s connected car is locked by an attack, it will temporarily lose sales. It’s no wonder, then, that some companies decide that it’s better to pay the ransom and get their connected car to work as soon as possible.
“Some companies think it’s better to pay if the loss is greater than the ransom. These attacks are of concern now,” Okuda said.
Connected cars are a treasure trove of information. Driver’s personal information, family information, travel information, etc. are accumulated. This information can be sold as is or used to attack the banking system.
“For automakers, if the security of their products is breached, their reputation will be damaged, and if negligence is admitted, it may lead to a lawsuit,” Okuda added.
However, so far, the recognition of the importance of connected car security is limited to the automakers and their surrounding ecosystems, and is not well-known among the average car user. Therefore, the appeal that “this car has excellent security measures” does not look attractive.
Mr. Okuda said, “If we can convey the importance of security to automobile users, we can also promote security as an attraction of cars. To protect drivers, promoting understanding of security is an important issue.”