Automotive Ransomware On The Rise

Not even a week has passed since the WannaCry incident began, and already cybersecurity experts around the world are voicing their concerns for the state of cyber defense today. In particular, attention has been brought to the possibility of a similar “ransomware” attack on automobiles, a potential threat dubbed “clampware.” News publications on both sides of the Atlantic have brought attention to this prospect, including coverage by Fox News’ Auto Tech column.

The idea of clampware comes from the notion that a car could be disabled through a cyber-attack, with the driver being ransomed into paying a sum in order to have control of the vehicle returned to them. It has already been shown that nearly all of an automobile’s functions can be controlled remotely by exploiting cracks in a car’s network connections. Software defects in a vehicle’s ECUs, radio, and wireless communication systems such as WiFi, Bluetooth, GSM, and 4G could be exploited to grant the attacker access to the car’s vital operation components.

In the event of such an attack, a driver could be left stranded on the road with no way to operate their vehicle unless they pay the ransom fee. If a driver is unable to pay the fee, it then begs the question of who’s responsibility it is to assist these drivers? Horrifyingly, even emergency vehicles such as ambulances, fire trucks, and police cars could be subject to such attacks. This has the potential to be a huge area of concern for car insurance companies and lawmakers alike, as standards for handling such scenarios will inevitably need to be put into place.

Not only is the integrity of the individual networks important, but so is the interconnectedness of the networks themselves. Services like Trillium’s SecureCAR that provide powerful encryption and authentication solutions for in-vehicle networks will rapidly become a necessity as cars become more integrated into the Internet of Things. As different forms of connectivity are added to the smart cars of the future, the number of attack surfaces that need to be protected increases at the same rate. To this end, static, unintegrated cybersecurity solutions will not hold up.

In a quote from professor Martyn Thomas, an IT expert at Gresham College, Financial Times brings to attention the necessity of speed in administering fixes to such problems. To reliably and efficiently keep an entire fleet of vehicles protected in such a constantly changing environment, smooth Over the Cloud updates such as those provided by Trillium’s SecureOTA are a necessity. The fixes need to be available as soon as an attack is discovered, and must be as un-intrusive as possible to minimize the disruption of customers’ everyday lives.