Yes, the enterprise should be concerned about criminal hackers attacking corporate fleets. Black hat hackers are attracted to vehicles as automotive systems use and share a growing wealth of personal and enterprise data. Cyber thugs will find many points of entry into connected cars and the sensitive internal systems, components, and information inside.
To close those vulnerabilities, cybersecurity professionals should look to automotive cybersecurity companies and vehicle manufacturers for appropriate tools and approaches, and best practices for applying those products and technologies.
Leverage these technical tips for keeping your people and your data safe in vulnerable corporate vehicles.
Assume that in-car Wi-Fi/Bluetooth/USB and other in-vehicle communications channels and connections are hostile.
While attacks on connected cars can target any connected system, says Patrick Dennis, CEO, Guidance Software, and a graduate of RIT, the principle targets include the following lengthy list of safety and entertainment features:
Adaptive Cruise Control systems (ACC), Forward Collision Warning Plus systems (FCW+), Lane Departure Warning systems (LDW+), Park Assist Systems (PAM), Passive Anti-Theft Systems (PATS), Tire Pressure Monitoring Systems (TPMS), Remote Keyless Entry/Start Systems (RKE), HVAC Systems (Air Conditioning & heating systems), Bluetooth Connectivity, Radio Data Systems, Wi-Fi Connectivity (encryption) and open ports, Cellular connectivity, CAN Bus Connectivity, USB connectivity, D-BUS Services, and GPS.
When a criminal hacker or group gains control of one or more of these systems, it makes the system(s) and data packets hostile to other in-vehicle and extra-vehicular systems as well as to your data, and to people in and near the vehicle. By first assuming that these systems are hostile, you can protect each system against infiltration or betrayal by neighboring systems.
Use a zero trust security model to protect data and employees.
A zero trust security model will begin to protect data that passes through or lives in vehicles whether that information touches endpoints, or systems and databases internal to the enterprise that manage vehicles as enterprise systems or assets. Criminal hackers can most certainly attack vehicle systems to get cars and trucks to attack your employees, and zero trust will mitigate much of this, as well.
Zero trust comes from, “Developing a Framework to Improve Critical Infrastructure Cybersecurity,” a paper from Forrester and NIST. For zero trust to work, all access to any information resources must be secure access regardless of the location of the resources or the location where, or the means by which, the access starts. Cybersecurity pros must continually establish and routinely pen test and audit secure access both for new and existing information resources.
Zero trust requires least privilege and least access, enforced by Role Based Access Controls and technologies that limit permissions on some systems and deny access altogether on others. Least privilege means removing administrative computer credentials and any other information system privileges that go beyond the minimum necessary for the automotive system, external system or technology, or user to do the job at hand. “Using a model of least privileges will help ensure that if a component is attacked and tampered with the impact to overall vehicle security is low,” says Justin Elze, Principal Security Consultant, OSCP, C|EH, CPTE, CCA, ACSP, TRUSTEDSEC, LLC.
Least access means that if someone has no reason to have access to a system at all, then they should never have any access to that system. Cybersecurity professionals can and do circumvent security by giving in to high-ranking employees and executives who ask for special access “just this once, to make my job easier.”
The zero trust model requires that you log and analyze all traffic that touches vehicles looking for evidence of anomalous behavior, intrusions, and data breaches.
Use these practical technical steps to implement zero trust in connected vehicles
Cybersecurity professionals can ensure secure access for enterprise fleets by insisting that vehicles use access control technologies and approaches that have worked well for other enterprise networks and systems. These technologies and approaches can include HTTPS and other secure protocols and encryption, secure login credentials, private access keys, managed access rights, and segmenting less secure communications channels away from critical safety and data systems.
Cybersecurity pros can ensure least privilege on vehicles where manufacturers implement low-overhead credentialing and authentication systems with revocable permissions, develop time-windowed access control systems, harden gateway (network-bridging) modules to resist leaking information to or from sensitive networks, and encrypt communications occurring in-vehicle behind the gateway module (on all internal, private networks), says Joshua Siegel, postdoctoral researcher at MIT, instructor at MIT's IoT Bootcamp, and the founder of the automotive connectivity platform CarKnow.
Least privilege must apply to access to the connected car and access to technologies that control the connected car. “Compute clouds that interact with connected fleets are veritable honeypots, providing a single target harboring the information for a large fleet of vehicles; a compromised cloud-based server likely has administrative actuation privileges for its connected fleet,” says Siegel.
You can log and analyze connected car traffic using standard devices such as CAN packet sniffers and Ethernet packet inspection tools in-vehicle, or FlexRay/MOST/LIN and other intra-vehicle network development tools that allow for the interception, inspection, and analysis of network traffic, says Siegel.
By preferring vehicles that offer complete, end-to-end cybersecurity using best-in-breed solutions like those mentioned above, you will go a long way toward safeguarding enterprise data, and drivers and passengers.