In the history of the development of the automobile industry for hundreds of years, it would not be an exaggeration to say that “smart networking” is the first step in the realization of the Internet of Vehicles. With the acceleration of 5G base station construction in 2020, the Internet of Vehicles (C-V2X) is undoubtedly the first core industry to benefit.
However, in the development process of connected cars, they have also revealed a series of security issues. Together with the intelligent connected cars, there are also hackers who attack the vehicles and their endless attack methods.
Although smart connected cars look “smart”, trying to cheat them is far simpler than people think.
I. “Security offensive and defensive battles” on the highway
360 ’s “Intelligent Connected Car Information Security Annual Report 2019” recently released reviews the automotive safety incidents of the past year. In May 2019, researchers at the Tencent Cohen laboratory “played” a Tesla Model S through a display screen using a Worley noise function to simulate a picture of water ripples. A few seconds later, the Model S ‘automatic wiper started working-without a drop of rain.
Figure: Tesla model S cockpit perspective
The neural network in Tesla’s “brain” was obviously “confused” by noise, and it misjudged “whether it was raining.”
The loophole is not the same. Using the same principle, the researcher successfully deceived Tesla’s road recognition system with a sticker, causing the vehicle to turn wrongly.
According to Zeng Pengyi of 360 Intelligent Networked Automobile Safety Lab, because autonomous driving is based on image recognition algorithms, the means of attacking it often generates “invisible” confrontation samples that cannot be quickly recognized by the naked eye, but it will visually identify autonomous vehicles The system can be extremely harmful.
With the rise of Internet-connected cars, a security offensive and defensive battle on the highway has begun quietly, and major car companies are facing unprecedented pressure. Based on the advantages of security technology, 360 Company also puts an end to the network accident, and develops a solution that can prevent cyber attacks.
As early as 2018, 360 cooperated with BYD. Di-link released by BYD that year adopted the security program provided by 360 to protect the vehicle’s PAD anti-virus and anti-root.
In December 2019, Mercedes-Benz, a German car company known for its safety, announced a cooperation with 360. During the cooperation, the 360 security team helped the century-old car company fix 19 system vulnerabilities.
From the beginning of 2020, from new energy and intelligent network connection to lane coordination and driverless driving, these travel-related capital concepts have all performed well in the secondary market. Dongfeng Securities analysts believe that the core breakthroughs in the Internet of Vehicles focus on the communication side and software systems, which are located in the upstream and midstream of the Internet of Vehicles industry chain. And 360 company, through the technological advantages in the field of security, “crowded” into the upstream industry of intelligent network connected cars, took out the “housekeeping” ability-360 security brain.
Second, new types of attacks are emerging
With lane coordination, if an attacker successfully breaches the communication module, a serious multi-vehicle accident may occur in the future.
According to members of the 360 Intelligent Connected Car Security Lab, in the recently discovered new attack method of the Connected Car, the communication module can be described as “suffering from the enemy”, and the problem lies in the APN private network.
(Legend of APN)
As shown in the figure above, this attack method can obtain the APN’s networking information and TSP log information through the TCU’s debug interface or the storage module, and then communicate with the TSP server of the car factory by connecting the ESIM module.
APN is a proprietary network established by the operator for the manufacturer. Because the private APN is a private network with a high level of security, it is directly connected to the core switch of the car factory, bypassing the protection of the firewall and intrusion detection system on the network side.
It seems safe to do so, but if the hacker successfully penetrates the internal network of the car manufacturer through the private APN network, then the consequences will be unthinkable. If the hacker is willing, he can implement further penetration attacks to achieve remote batch control of cars.
“Car companies consider private APNs to be a secure channel isolated from the public network, so most car companies are not as strong as the security detection and protection mechanisms for accessing core assets through private APNs,” said Zhan Pengyi when talking about private APN networks. During the loophole, it is emphasized that it is undoubtedly very dangerous for car companies to ignore the security design of private APN to connect to the internal network.
At the BlackHat World Hacking Conference in August 2019, Baidu mentioned that some communication modules widely use embedded Linux and RTOS systems. Such systems have inherent DDoS and remote code execution vulnerabilities, which provide hackers with access to The “preferred opportunity” of the APN private network. Thus indirectly releasing vehicle control.
It can be seen that the potential danger caused by communication module vulnerabilities cannot be underestimated.
As mentioned earlier, the 360 Intelligent Connected Car Security Lab also used this type of vulnerability in its research with Mercedes-Benz. The use of new types of attack methods to remotely open the doors in batches and start the engine control operations, affecting more than 2 million Mercedes-Benz vehicles.
In the “2019 Intelligent Connected Car Information Security Annual Report” released by 360, it is mentioned that if the security personnel overly trust T-Box, it is likely to ignore the security issues of the private network and TSP itself.
360 SKY-GO researchers purchased several sets of Mercedes-Benz Automotive Communication Modules (TCUs), built a test platform, tested them one by one, and found that loopholes could bypass security measures in Mercedes-Benz’s in-vehicle systems. Achieve batch remote control of cars.
In order to reduce this situation, 360 Intelligent Connected Car Safety Lab started designing more secure vehicle communication modules as early as 2018. By upgrading the traditional communication module, a security chip is added to establish a secure storage mechanism, and TEE key environmental protection application services are integrated to run in a secure environment. The intrusion detection and protection module is embedded to provide security monitoring on the TCU side. .
According to reports, the 360 safety communication module can be directly adapted to the safety communication module or to the TCU software, and the deployment method is simple. At present, the 360 Intelligent Network Connected Car Team has cooperated with 80% of domestic mainstream car manufacturers and intercepted more than 35,000 attacks.
With the resonance of the three factors of policy, technology and industry, 2020 will become the first year of the large-scale implementation of the Internet of Vehicles. The industry estimates that by 2020-2030, the total scale of the domestic connected car industry will be close to 2 trillion yuan.
According to a listed company, many car companies last year placed large orders on in-vehicle information systems, such as Volkswagen, Audi, and domestic start-up Chinese Express. The production time of the orders was concentrated in 2020 and 2021. This means that In new models in the near future, car buyers can enjoy the driving pleasure brought by intelligent connected cars.
In recent years, in order to provide a better experience for car buyers, we will find that some car companies try to promote smarter functions, such as digital keys, mobile phone call and other convenient functions, so here again, it is not important to emphasize the safety of connected cars. Too.
With more and more integrated functions of in-vehicle systems, car companies choose to cooperate with professional information security companies to jointly reduce the risks of connected cars and ensure the safety of travel. This is undoubtedly the most wise and scientific choice. Not only can we fight against various known vulnerabilities, but we can also prepare for lasting defense and push the security of intelligent connected vehicles to the extreme.