Threat Analysis

Researchers from the University of Oxford and Armasuisse Science and Technology (S+T) discovered an attack method that would work against the Combined Charging System (CCS) and disrupt the ability of electric vehicles to charge at scale.

A hacker who goes by the name NotPike on Twitter revealed how they were able to conduct a replay attack on Tesla's charging ports. This was because the ports use 315 MHz as their standard signal to open ports, which can be replayed to open charging ports.

Ayyappan Rajesh submitted a proof of concept for CVE-2022-27254 and showed how the keyless systems of different Honda vehicles send the same unencrypted radio frequency (RF) signal for commands like opening a car door and starting the engine remotely. This could allow threat actors to conduct a replay attack.

The Cuba ransomware group, known for targeting critical infrastructures, claimed to have gone after Hyundai's automotive parts manufacturer, Hyundai Powertech.

Various reports show how cybercriminals have been targeting suppliers for major car manufacturers like Toyota. For example, the Rook ransomware group announced that it had attacked Denso, one of the largest automotive parts suppliers in Japan.

Bridgestone, one of the largest and best-known tire manufacturing corporations in the US, confirmed its having been hit with the LockBit ransomware. The LockBit ransomware gang took credit for the attack and threatened to publish Bridgestone data.

A signal from a local NPR station bricked the infotainment systems of certain Mazda vehicles manufactured from 2014 to 2017. The signal turned out to be image files sent by the station on its HD radio stream, which the systems were unable to process.

Toyota's partner and manufacturer of interior and exterior automotive components, Kojima Industries, was reportedly targeted by a ransomware campaign. Toyota had to shut down operations on 14 of its plants in Japan because of the attack.

David Colombo, a young hacker and security researcher, successfully interacted with more than 25 Tesla vehicles in 13 different countries. Through a bug, he was able to access a great deal of information about these vehicles and even run remote commands.

In his report, Sébastien Dudek looked into the possibility of attackers using the Log4j vulnerabilities in the automotive world, specifically to gain access to devices used in cars and car chargers.

Andrea Palanca, Eric Evenchick, Federico Maggi, and Stefano Zanero tested a vendor-neutral attack that could target connected cars and abuse CAN (Controller Area Network), the network protocol that connects all in-vehicle equipment and systems and allows them to communicate.

Kenney Lu and Spencer Hsieh wanted to see if it was possible to hold a car for ransom. By targeting the in-vehicle infotainment (IVI) system, they were able to simulate a ransomware-like scenario, where a fake update eventually led to the vehicle's being compromised.