It was only a matter of time until cyber attackers honed in on connected vehicles. As the technology in vehicles becomes more complex and increasingly connected, vehicles are becoming more vulnerable to cyber attacks.
Not only are attackers targeting connected cars, they are also conducting cyber espionage campaigns targeting manufacturers to gain competitive advantage. There have been multiple intrusions in the automotive industry in Europe over the past few years, mainly from Chinese attackers. Additional activity has also been seen from North Korea and Vietnam.
Across the Middle East, connected vehicles are increasing in popularity. Dubai recently announced its Dubai Autonomous Transportation Strategy, aiming to transform 25% of the total transportation in Dubai to autonomous mode by 2030, involving five million daily trips.
The strategy includes the launch of the Dubai World Autonomous Transportation Challenge as a global RFP to encourage the world’s most innovative international companies, academic institutions and centers of research and development to test the latest advances and provide transportation solutions and scenarios that are realistic and tailored for the streets of Dubai.
It’s important for other regions around the world, and the rest of the Middle East, to safeguard themselves against these types of attacks. Here are three to be aware of.
Cyber espionage remains a high threat to the industry, given its highly competitive nature and market pressure. State-sponsored threat groups exist, with a goal to steal information from automotive manufacturers such as proprietary research, development data and intellectual property that could provide an economic or competitive advantage.
Infiltration of manufacturing supply chains
Many control systems from industrial environments and manufacturing plants in the automotive sector across Europe and globally are exposed. While these environments are targets for malicious cyber activity, smaller companies in supply chains have also been targeted then used to abuse trusted connections to access the main target’s networks.
Distruption of connected vehicles
As more cars use keyless entry systems and electronic fobs to lock and unlock car doors, criminals have increasingly exploited vulnerabilities in these systems to gain unauthorised access to vehicles. Threats can exploit vulnerabilities in a car's systems even if they are not in the target's immediate proximity. Researchers have found ways to disrupt vehicle sensors, allowing them to interfere with systems such as road sign recognition, although there is only a low likelihood that criminals will conduct this type of activity on a large scale due to the technical complexities involved.
Mohammed Abukhater is the Vice President for MEA at FireEye.