When attackers target industries, they have several channels to compromise the aimed asset. For example, they have desktop computers, the network infrastructure, and the mobile environment, to name a few. Each channel has its quirks and forces attackers to apply specific techniques and flows to meet their goal.
Compared to other channels, the mobile app development context is newer and less mature; this allows malicious agents to reach their final purpose more efficiently or, at least, with less effort. Based on this, a massive amount of mobile malware and mobile-focused attacks have been produced in the last few years (see reports for 2016 and 2017).
When talking about connected vehicles, the first thought goes to complicated attacks on the CAN-bus or control units. The offense perimeter is usually much wider and less friendly from an attacker perspective, having to deal with services relying on multiple actors, car components, vendor infrastructure or end-user devices.
The recent focus on mobile applications, used to interact with the vehicle, provides a new attack vector.
These applications generally include functionalities such as: car GPS localisation, doors unlocking, engine starting capabilities and general status monitoring, to name few and during the last few years, we have seen some attacks, targeting companies such as Tesla (2016) and Hyundai (Blue Link, 2017), made possible thanks to exploits based on their mobile apps.
The Tesla application case was related to an Android vulnerability exploited by attackers to open the car doors and start the engine. Hyundai Blue Link case was instead made possible by intercepting network communications making the attacker capable of taking control of the user’s car.
These attacks were particularly easy to be performed making the situation highly worrying and endangering for the end user, especially considering the future of connected vehicles: most vendors are starting to provide new security and commercial services built on top of existing platforms, transforming vendor mobile apps into dangerous attack vectors, dealing with privacy impacting data, safety-critical functionalities, identity-related information and asset-related critical capabilities.
At the same time, smart-cities are starting to include connected vehicles as part of the recipe for future transportation. It’s crucial to start protecting all the actors involved in the connected vehicle environment in order to prevent dangerous consequences for the end-user’s safety and the car vendor’s reputation.
In XTN we believe security in mobile devices passes through continuous monitoring of the security context of the application execution. In our Cognitive Security Platform, we have designed MORE to provide cutting edge mobile security evaluation and SA for secure digital identity corroboration, both based on behavioural analysis and artificial intelligence.
MORE is capable of detecting malware threats, OS misconfiguration, reverse engineering attempts, account takeover, MitM attacks, to name a few features. SA can provide cryptographically secure identification while maintaining a transparent user experience.
XTN Cognitive Security Platform technology can protect vendors and final users from the different attack vectors threatening mobile platforms while responding to fundamental requirements for the automotive industry:
- realtime response: no one wants to wait to open their car doors;
- zero impacts on user experience;
- zero impacts on user privacy;
- accuracy and availability high standards.
— Guido Ronchetti, CTO @ XTN
Check out our online documentation and contact our sales team for more information and to schedule a live demo of our technologies.