Ransomware-Like Attack on a Connected Car
October 1, 2016
Kenney Lu and Spencer Hsieh wanted to see if it was possible to hold a car for ransom. By targeting the in-vehicle infotainment (IVI) system, they were able to simulate a ransomware-like scenario, where a fake update eventually led to the vehicle’s being compromised.
UN R155 References
- 4.3.2 Threats to vehicles regarding their communication channels
- 4.3.3 Threats to vehicles regarding their update procedures
- 4.3.4 Threats to vehicles regarding unintended human actions facilitating a cyber attack
- 4.3.5 Threats to vehicles regarding their external connectivity and connections
- 4.3.6 Threats to vehicle data/code
- 4.3.7 Potential vulnerabilities that could be exploited if not sufficiently protected or hardened