[ Chexun Wang reported ] 2020 March 24, 360 released “2019 Intelligent Network of Automotive Information Security Annual Report” ( “the Report”). This is the fifth year in a row 360 released cars with intelligent network information security annual report. Report reviews the progress with the car network security intelligence network, and recommended that the initiative to build defense in depth security strategy for 2019 emerging as the intelligent network linking car ldquo; new four modernizations rdquo; escort.
new attacks struck secure communication module 360 Depot will solve most problems
communication module is cause batch control the root causes of the occurrence of the car. August 2019, Baidu company in the world BlackHat hacker conference to announce the hacker can directly access resources within the depot back APN core network, which carried out attacks control of the vehicle. December 2019, 360 intelligent network linking together laboratory safety car was found at the research center and the Mercedes-Benz and fixes 19 vulnerabilities mdash; mdash; these vulnerabilities may be remotely open and close the door in batches, shut down the engine start and other control truck operators, affecting more than two million Mercedes-Benz cars. After
360 Intelligent Network of automotive safety laboratory found that such new methods of attack, immediately put into research and development of secure communications module. Through traditional communication module has been upgraded over the original module infrastructure, increase security chip to establish a secure storage mechanism. TEE integrated environmental services running critical applications in a secure environment, and embedded intrusion detection and prevention module, provides security monitoring on the TCU end side, detect abnormal behavior, dynamic offensive and defensive combat with the attacker. By way of active defense, against attacks.
After a lot of research and analysis, most automakers have similar security vulnerabilities exist, and can not perceive the new occurrence of such an attack, intelligent network linking 360 automotive safety laboratory safety communications module is particularly necessary .
frequent car attack pattern 360 to create the perspective of a hacker penetration testing services
“Report” analyzes more than 2019 car safety incidents occurred, covering the use of modules for communication, PKES car keys, TSP servers, mobile phones and other APP vulnerabilities, hackers not only to explore more intelligent network linking car attack surface, while the extent of the attack surface of each study is also increasingly deepened.
In the attack vehicle key digital system as an example, one method, the key signal is amplified by way of a relay attack, and that the key response RF signal is received within a short distance car, whereby complete a full course of challenge-response communication, and ultimately steal the vehicle; second method is by studying PKES encryption algorithm hack car keys keys, using the algorithm loopholes, copy the key car keys, unlocking vehicles.
From the cost point of view the attack, hackers and security researchers made PKES car keys attack equipment is not expensive and easy to carry, researchers have claimed replication car keys cracking tools only need Raspberry Pi 3 Model B +, one for RFID sniffing and cloning Proxmark3, Yard Stick One antenna and used to power a USB charging Po, the total price of less than $ 600 (about 4250 yuan), can be easily placed in a backpack.
against a dazzling variety of hacker attacks, intelligent network linking the car needs a new safety test mode. 360 Intelligent Network in conjunction with automotive safety laboratory security threat intelligence, the use of black-box testing mode, means fully simulate hacker attacks, according to the vehicle networking ldquo; cloud rdquo;, ldquo; pipe rdquo;, ldquo; end rdquo; three surface structure, combined with security issues in various parts / systems, vehicle-level safety tests conducted comprehensive safety hazards and determine the scope of reasonable safety recommendations, providing comprehensive penetration testing services from the perspective of a hacker.
Model S key FOB break device
automotive network security standards will be fully rolled out 360 recommendations need to take the initiative in depth defense strategy
2020 automotive network securityStandard full swing full year, ISO / SAE 21434 will provide a systematic methodology to guide the construction of the automobile industry chain network security system, ITU-T (ITU Telecommunication Standardization Bureau), SAC / TC114 / SC34 (National Automotive Standardization Technical Commission intelligent network of automotive technical Committee), SAC / TC260 (technical Committee of standardization for Information technology security), a series of car network security technology standards CCSA (China communications standards Association) and other organizations and alliances, ground security technology to provide a reference .
However, the current safety standards are mostly provided baseline security requirements, in dynamic network security environment, just follow the standard, the use of passive defense mechanism password application is not enough. New attack after another, we need to build a multi-dimensional security system, enhanced security monitoring and other active defense capabilities.
Review of 2019, the rapid growth of car information security incidents, means of attack after another, the “Report” proposed a five-point for automotive manufacturers, suppliers, service providers recommendation:
1, supply chain car prices manufacturers should be regular network security penetration test should be used as a vital criteria, in terms of quality systems, technology and management level, comprehensive assessment supplier.
2, follow automotive network security standards, the establishment of enterprise network security system, a network of cultivating safety culture, establishing regulatory mechanisms to carry out activities in the network security life cycle.
3, passive defense programs can not cope with the emerging network security attacks, requiring the deployment of secure communication module, security gateways and other new car security product, abnormal traffic, IP addresses, and other real-time monitoring of system behavior, proactively identify attacks, and timely warning and blocking, multi-node linkage through to construct layered defense in depth system to point to an area.
4, network security environment is constantly changing, the safe operation of platforms can be networked to end by monitoring the car, pipe, cloud data, combined with accurate threat intelligence to security event source, analyze, detect and fix known vulnerabilities. In support of big data security, secure operating platform continue iterative detection strategies, optimizationSecurity event handling mechanism, and vehicle networking massive data visualization rendering, real-time control of network security posture of the vehicle.
5, good car security depend on ecological construction and sincere cooperation, specializing in surgery industry, Internet companies and security companies rely on technology precipitation and accumulation in the traditional IT field, followed by the rapid development of network security car footsteps of related automotive electronic and electrical products and solutions have unique research and insights. The automobile industry this ldquo; software-defined vehicle rdquo; major changes, only the downstream industry chain enterprises carry out their duties, their respective merits, and concerted efforts to jointly enhance network security to the car hierarchical ldquo; active depth defense rdquo; new heights.
