As connected cars become part of everyday life, concerns about automotive cybersecurity arise as well. To address these, WP.29, also known as the World Forum for Harmonization of Vehicle Regulations, a worldwide regulatory forum within the United Nations Economic Commission for Europe (UNECE), implemented UN Regulation No. 155 (UN R155). This regulatory framework requires the presence of a cyber security management system (CSMS) and the application of security measures throughout the life cycle of a vehicle. UN R155 also details 69 attack vectors that have a direct impact on connected cars, along with different factors that affect their ecosystem, namely, back-end servers, communication channels, update procedures, human error, external connectivity, data/code, and vulnerability hardening sufficiency.
In Trend Micro’s research titled “Identifying Cybersecurity Focus Areas in Connected Cars Based on WP.29 UN R155 Attack Vectors and Beyond,” researchers used the DREAD threat model, a type of qualitative risk analysis, to categorize the risk level of different attacks.
Low-risk attacks require advanced skills and knowledge and cannot be easily executed, meaning they are less likely to affect daily drivers. These include impersonation in order to spoof messages, car communication attacks to gain unauthorized access to files and data, and phishing schemes that lure victims into loading malware or enabling an attack. Meanwhile, medium-risk vectors, such as data loss in the cloud, unauthorized internet access to back-end servers, and Sybil attacks where a vehicle pretends to have more than one identity, are easier to execute and can cause moderate impact. However, there are still some limitations to executing such attacks. In contrast, high-risk attacks require the least amount of skill to execute but can endanger road safety. For example, denial-of-service (DoS) attacks can have a widespread impact on a car’s ecosystem, while the introduction of malicious software or malicious software activity to an electronic control unit (ECU) can imperil a car’s safety while on the road. Lastly, using remainders left over from development, such as microprocessors, developer passwords, and debug ports, is also considered a high-risk vector, as this would allow attackers to escalate privileges or access the ECU.
Previous Trend Micro research has also explored attack vectors outside of those in UN R155. This means that car manufacturers (OEMs) and stakeholders must keep a watchful eye on the evolution of threats to connected cars, particularly risks faced by vehicle communication channels. We recommend starting from some basic cybersecurity principles and then expanding on them as necessary:
- Connected car threat intelligence. A baseline protection technology can detect, analyze, and respond to threats.
- Multilayered security. A multilayered security solution makes it more difficult for malicious actors to execute successful attacks.
- Security covering a comprehensive ecosystem. A comprehensive ecosystem includes an endpoint (vehicle), a network, and a back end.
- Vehicle security operations center (VSOC). A VSOC allows for a better understanding of the context of attacks to help security analysts identify the necessary countermeasures to mitigate impacts.