Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Monday, 30 January, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Vehicle hack disables safety features on most modern cars

by The Gurus
August 18, 2017
in Editor's News

Man stealing data from a laptop sitting in a car

Share on FacebookShare on Twitter

It has been discovered by security researchers that the majority of modern vehicles are at risk from a design vulnerability which could be potentially disabled by a hacker. The security flaw could allow an attacker to turn off the safety features, such as airbags, ABS brakes, and power steering; essentially any of the vehicles computerised components connected to its controller area network or CAN bus.
In a world where the majority of connected devices developed are flawed, there have been many examples of researchers, engineers and hackers infiltrating vehicles and exposing the vulnerabilities which have revealed some shocking results. A Jeep was hacked on a highway and a Tesla was breached, whereby the security researchers gained control of the braking system while the car was in motion.
Commenting on the news is Art Dahnert, managing consultant at Synopsys, who said “The problem identified by Trend Micro is related to the design and architecture of the CAN bus found in nearly all new cars today. The development of the technology goes back to the 1980’s, predating the World Wide Web. No one at that time thought that someone would deliberately try to sabotage a vehicle over the in car network.
“The attack involves creating a Denial of Service for a specific target by using the error management built into the CAN bus protocol. When an attacker causes the network to send too many error “messages” (frames) to a device, the design dictates that the target goes into a Bus Off state. This means that it will no longer respond to messages or send new ones, effectively disabling the device. In the case of an automobile it might be the ABS or airbags or even the electrically assisted power steering.
“Generally, these types of attacks will require access to the vehicle and the ability to persist beyond a restart. However, now that newer vehicles can be connected to the internet in a myriad of ways this is no longer true. Taking advantage of connected phones and telematics features, an attack could happen without direct physical access. And this isn’t necessarily isolated to a single manufacture or model of vehicle.
“Even though the problem has been identified, resolving it will be a long time coming. There are many factors involved, including the large number of vehicle and component manufacturers as well as the technical difficulties in developing a solution for this type of problem. Not to mention the requirements to allow access by the aftermarket and third party repair establishments.
“You can’t bolt on security, it has to be built in from the beginning. A simple update will not fix the cars on the road today.”

FacebookTweetLinkedIn
Tags: CybersecurityTechnology
ShareTweetShare
Previous Post

UK CEOs see cyber security spend as a revenue opportunity

Next Post

Anonymous calls for Trump's impeachment, leaks private contact details of 22 GOP senators

Recent News

Acronis seals cyber protection partnership with Fulham FC

Acronis seals cyber protection partnership with Fulham FC

January 30, 2023
Data Privacy Day: Securing your data with a password manager

Data Privacy Day: Securing your data with a password manager

January 27, 2023
#MIWIC2022: Carole Embling, Metro Bank

#MIWIC2022: Carole Embling, Metro Bank

January 26, 2023
Lupovis eliminates false positive security alerts for security analysts and MSSPs

Lupovis eliminates false positive security alerts for security analysts and MSSPs

January 26, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information