Autmobile
The car thieves are employing more sophisticated techniques and all new vehicles are at risk

The car thieves are employing more sophisticated techniques and all new vehicles are at risk

Control modules

It’s also important to know that the computers within our vehicles’ numerous electronic control modules (ECMs) control everything from the engine, transmission, and powertrain – the entire set of components that propel the car forward, including the suspension and brakes. Each of the ECMs is designed with huge amounts of computer code, which, unfortunately, could be vulnerable.

To attempt to reduce the risk of the risk of such security risks international safety standards such as these SAE J3061 and ISO/SAE 1434 will guide companies in the area of security-conscious code design and development as well as testing. With the number of complex and interconnected systems, in addition to the deadlines for production and shareholder expectations automobile companies must deal with, security vulnerabilities can be able to go unnoticed.

Certain criminals have taken advantage of keys-less systems for entry however, there are more sophisticated methods to rob vehicles.

Criminals have managed get access to vehicles Electronic control units (ECUs) as well as the diagnostics ports that are onboard for gaining access to evade security. These ports are computer interfaces found on the majority of vehicles that give technicians rapid access to the car’s diagnostic system.

This allows for faster servicing because the technician is able to connect to this socket to access all of the vehicle’s sensor data all in one place. This is what makes the detection of faults easier since fault codes are easily recognized and other issues in performance detected before they turn into a serious issue. This also makes it an attractive potential target for car thieves.

Deceptive damage

Recently, reports have demonstrated the ways that car thieves are able to access ECUs. They can even infect experts. Ian Tabor, cyber security consultant with the engineering services firm EDAG Group, recently experienced what initially seemed to be a case of vandalism that was not worth the cost to the vehicle he was driving Toyota RAV4. But, after the vehicle disappeared, it became apparent that the vandalism had been part of a sophisticated vehicle theft scheme.

In this case, car thieves took off the front bumper of Tabor’s vehicle to gain access to the assembly of headlights. This was done in order to gain access to the ECU that is the one that controls the lighting. This then gave access to the popular Controller Area Network (CAN bus). It is the primary interface that allows ECUs to communicate with each other.

In the case of Tabor, using the CAN bus enabled the criminals to insert themselves into the vehicle’s electronic systems. The fake messages were directed at the security systems of the vehicle and were designed to appear as if a legitimate key was found.

The outcome was that the doors of the car were not locked, which allowed the engine to start and the vehicle to be taken away – with no fob to enter the key. Contrary to the relay attack discussed earlier, this type of attack is not able to be stopped with a cheap Faraday bag because the fob itself is not required in any way. The message that the fob could have sent is now being generated by thieves.

To add more to the issue, Tabor’s investigation found that the equipment that the thieves used cost about $10 (PS8). Even more shockingly, the parts are available already assembled and programmed, meaning that all the burglar has to do is connect a car’s electrical wiring.

Recent reports revealed these devices disguised themselves as a Nokia 3310 phone and a JBL-branded Bluetooth speaker. This implies that at first glance, the car thief searched and stopped for a device, no obvious or noticeable device would be found.

Experts have stated that the only permanent solution to this kind of attack would require automobile manufacturers or industry organizations to get involved. It will require time. While this is happening, vehicles that are vulnerable to this kind of attack will be unable to defend themselves. Most new cars are at risk.

Leave a Reply

Your email address will not be published. Required fields are marked *