How is your car vulnerable to a cyber attack while driving ?

Posted at 12:08 PM, Mar 27, 2015

Singapore, Singapore- With online threats all around us security is key, but with new car hacking inventions, drivers may be at risk of cyber attacks on the road as well.

The 2015 Black Hat Asia Conference is organized by UBM Tech and took place from March 24th to the 27th of March at the Marina Bay Sands Convention Center in Singapore, Singapore. The conference, which is held each year, covers topics including: abusing the internet, detection, blackouts, stakeouts, understanding the vulnerabilities of attacks, and powering intrusion investigations.

According to the Black Hat Asia Conference, on Thursday , March 26th, former Telsa software engineer Eric Evenchick planned to showcase an open source tool that makes communication with the Controller Area Network (CAN), which is the protocol used in automobiles. Evenchick will be portraying how to exploit the CAN system itself.

The device will give people a source to attack vehicles on their own. The CANtact is an open source board that will be available for sale between $60 and $100 here soon. The device will connect with one end to a computer’s USB port, and the other to a vehicle’s OBD2 port, which is a network port located beneath a dashboard. This tool will make the connection between  a computer and a vehicle’s controller area network (CAN bus), which is a group of connected computers that control all things from windows to breaks in modern cars.

Evenchick’s creation is much less expensive compared to that of competitors, and it exposes drivers to the threat of attacks. Thus, it goes to show that anything connected to the internet cannot be secure.

According to CBS, the U.S. military’s Defense Advanced Research Projects Agency (DARPA) is working to eliminate this vulnerability. DARPA is working to create “unhackable software” for small devices which could potentially solve issues in cyber attack attempts. The military first became interested in the project in an attempt to secure its drones; however, the world of cyber attacking is increasing  each day. As of right now, DARPA is working on a prototype that would locate and isolate any breached computer on the military network.

This prototype would provide the skills to quarantine the computer, and then shut it down. Thus the prototype could be used to uncover the specific pinpoints of a computer being used to control a vehicle and stop it from acting on another device. Yet, with a device as affordable and available as a CANtact, the race in technology may have just placed cyber attackers ahead of the government in the cyber battle, until the prototype or akin technology is readily available to protect the public.

-Meghan Puryear