BY JOE UCHILL – 08/16/17 01:55 PM EDT
Researchers have determined a weakness in some cars’ internal networking system that could allow an attacker with physical access to knock components offline, including critical safety features.
A group combining researchers from Politecnico di Milano, Linklayer Labs and Trend Micro’s Forward-looking Threat Research team released information on their new attack on Wednesday.
The attack relies on the CAN bus protocol, a three-decade-old networking layout allowing components to issue commands to one another. That could mean, for example, the engine turning up the stereo’s volume when a driver steps on the gas to keep the radio audible over increased noise.
Most modern cars and many other products rely on the CAN bus system.
But CAN bus is easy to manipulate — it communicates through a series of zeros and ones, where zero is represented by transmitting an electric current and one by transmitting no current. If a component can be set to never turn off the current, it can cause any component it’s communicating with to spit out repeated error messages. After too many error messages, a component shuts itself down.
“If someone was to install an aftermarket part that had been tampered with, they could set off a denial of service attack that is stealthy,” said Trend Micro Senior Threat Researcher Federico Maggi, who worked on this project with Andrea Palanca, Eric Evenchick and Stefano Zanero.
Denial of service attacks are ones that overwhelm a system with data until it ceases to function properly, in this case using error message-inducing data to cause components to shut down.
Maggi believes that there is no way to patch current cars to fix the problem — people may only be able to mitigate the problem by being cautious about which people and aftermarket parts are given access to their cars.