When attackers target industries, they have several channels to compromise the aimed asset. For example, they have desktop computers, the network infrastructure, and the mobile environment, to name a few. Each channel has its quirks and forces, attackers, to apply specific techniques and flows to meet their goal.
The Context
Compared to other channels, the mobile app development context is newer and less mature; this allows malicious agents to reach their final purpose more efficiently or, at least, with less effort. Based on this, many mobile malware and mobile-focused attacks have been produced in the last few years (see reports for 2016 and 2017).
When talking about connected vehicles, the first thought is complicated attacks on the CAN-bus or control units. From an attacker’s perspective, the offense perimeter is usually much wider and less friendly, dealing with services relying on multiple actors, car components, vendor infrastructure, or end-user devices.
The Threats
The recent focus on mobile applications used to interact with the vehicle provides a new attack vector.
These applications generally include functionalities such as car GPS localization, door unlocking, engine starting capabilities, and general status monitoring, to name a few. During the last few years, we have seen some attacks, targeting companies such as Tesla (2016) and Hyundai (Blue Link, 2017), made possible thanks to exploits based on their mobile apps.
The Tesla application case was related to an Android vulnerability exploited by attackers to open the car doors and start the engine. Hyundai Blue Link case was instead made possible by intercepting network communications making the attacker capable of taking control of the user’s car.
These attacks were straightforward to be performed, making the situation highly worrying and endangering for the end-user, especially considering the future of connected vehicles: most vendors are starting to provide new security and commercial services built on top of existing platforms, transforming vendor mobile apps into dangerous attack vectors, dealing with privacy impacting data, safety-critical functionalities, identity-related information, and asset-related critical capabilities.
At the same time, smart cities are starting to include connected vehicles as part of the recipe for future transportation. It’s crucial to start protecting all the actors involved in the connected vehicle environment to prevent dangerous consequences for the end user’s safety and the car vendor’s reputation.
Our Vision
In XTN, we believe security in mobile devices passes through continuous monitoring of the security context of the application execution. Our Cognitive Security Platform has designed MORE to provide cutting-edge mobile security evaluation and SA for secure digital identity corroboration, both based on behavioural analysis and artificial intelligence.
MORE can detect malware threats, OS misconfiguration, reverse engineering attempts, account takeover, MitM attacks, to name a few features. SA can provide cryptographically secure identification while maintaining a transparent user experience.
XTN Cognitive Security Platform technology can protect vendors and final users from the different attack vectors threatening mobile platforms while responding to fundamental requirements for the automotive industry:
- realtime response: no one wants to wait to open their car doors;
- zero impacts on user experience;
- zero impacts on user privacy;
- accuracy and availability high standards.
— Guido Ronchetti, CTO @ XTN
Check out our online documentation, contact our sales team for more information, and schedule a live demo of our technologies.