Researchers at Pen Test Partners have hacked into a Mitsubishi Outlander plug-in hybrid's on-board Wi-Fi system, just weeks after the FBI and the United States National Highway Traffic Safety Administration jointly warned that modern cars are vulnerable to cyber-attacks.
The researchers discovered that the Mitsubishi’s mobile app connects to the car via Wi-Fi, and then gives the user control over various functions in the car itself. Once the Wi-Fi connection had been hacked, Pen Test researcher David Lodge and his team were able to turn the car's lights on and off, force the car to charge, turn the air conditioning and heating on and off - and disable the alarm.
Once the alarm has been disabled and the car broken into, Lodge says the door is open to many more hacks. "The on-board diagnostics port is accessible once the door is unlocked," he wrote in a blog. "Whilst we haven’t looked in detail at this, you may recall from a hack of some BMW vehicles which suggested that the OBD port could be used to code new keys for the car." The short term solution for Outlander owners, Lodge wrote, is to disable the car's Wi-Fi module. Longer term solutions could include a firmware update for the Wi-Fi module and, ideally, a change from Wi-Fi to GSM as a method of connecting the mobile app to the vehicle.
Automotive Industries (AI) asked Cigital managing consultant Art Dahnert just how hackable cars are today.
Dahnert: The cars being built today are very hackable. They are designed to be from the start. This is due to several reasons, including aftermarket and third-party service requirements and long-term parts supply and support. It is important that your favorite local mechanic can diagnose and repair your car. Also, customers demand that they are able to customize and enhance their cars as it appeals to them on an individual basis.
AI: What do companies need to do to prevent hacking?
Dahnert: Auto manufacturers need to involve security personnel early in the design phase if they want to prevent the majority of the issues that have cropped up lately. Having a thorough review of the system and component architecture prior to development will uncover potential problems when they are easiest to fix. It is also important to have a rigorous security assessment (pen test) prior to final production. This allows for verification of the implementation from a security professional’s perspective, which could have prevented the poorly thought out approach used by Mitsubishi.
AI: Cigital talks about building in security into cars – what do you mean by this?
Dahnert: This is the simple notion of not bolting security on at the end of the process after the software has been completed, but rather including secure software development actions along the entire life cycle. This should include architecture and code reviews that are security-oriented, regular or periodic security assessments and relevant security training for the development team. It includes giving software security the same “weight” as vehicle safety from a management and team perspective. As the automotive industry moves to a more security-minded focus, working with the security industry to develop standards and guidelines for automotive software security will yield faster and more predictable results. Manufacturers should engage relevant security professionals as early and often as possible.
AI: Which automotive OEMs has Cigital worked with to make this happen?
Dahnert: Cigital has experience working with several major U.S. and European auto companies.
AI: Tell us about SecureAssist, and how it can help auto manufacturers?
Dahnert: SecureAssist is a tool to help developers eliminate security issues as they create them in their native development environment. However, more than just eliminating security weaknesses, it helps train the developers by providing them with education on the impact of the problem and how to prevent it in the future. This is security training that happens in real time.
AI: How effective has the Building Security in Maturity Model been, especially among OEMs?
Dahnert: The Building Security In Maturity Model (BSIMM) is an excellent tool to help identify areas that can be improved using a holistic approach. It is great for comparing results after implementing improvements. It is easy to understand and comprehend, which makes it helpful when talking to senior leadership and the development staff. As for the OEMs, it is just starting to be utilized. However, I’m sure that they will see how they can improve their systems and procedures/programs, especially as they start to compare themselves to the rest of the industry.
AI: Tell us about your company’s expertise in security for the connected vehicle?
Dahnert: There are many moving parts in the “connected vehicle” and I mean that both figuratively and literally. There are embedded in-car systems, back end systems that work with the embedded systems, integration with third party platforms and facilities and a host of other technologies that run on software. Cigital has extensive experience in all of those “pieces of the pie.” We have been performing software security analysis for over 20 years, and in that time period we have worked on all of the technology that is associated with the connected car today. In addition, we are always looking to the future of software and technology.
AI: What business potential does the automotive industry offer software security companies such as Cigital?
Dahnert: The automotive industry has a multi-billion dollar global impact.
Manufacturers are using software to drive the market and technology forward. There are more computers and lines of code in the latest connected car than there is in the average commercial aircraft. And all of that software, including new software being written today, has to be secured, which represents a significant direction for Cigital. As the OEMs and their suppliers work to create new products and features, we will be there to help them succeed in building security that can be relied upon for many years to come.