ConnectedCars Printed 20160321 .pdf
Original filename: ConnectedCars_Printed_20160321.pdf
This PDF 1.5 document has been generated by Adobe Illustrator CC 2015 (Windows) / Adobe PDF library 10.01, and has been sent on pdf-archive.com on 22/03/2016 at 20:54, from IP address 66.216.x.x.
The current document download page has been viewed 207 times.
File size: 927 KB (1 page).
Privacy: public file
Download original PDF file
Understand the Attack Surface
The numerous applications hosted
in connected vehicles present
potential vulnerabilities for hackers
to exploit. Aftermarket devices,
applications and utilities expand
the attack surface through their
own Internet connectivity and
vulnerabilities. Add-ons present a
social engineering opportunity for
hackers, who could send drivers
purportedly-official, but in reality,
already-hacked add-ons for
insertion in cars.
Attackers will attempt to connect to the car through one of its many points of
connectivity and then pivot along its network to reach the components that
help them execute their plan, whether that be to control some aspect of the
car, corrupt or steal customer information, or find and publicize vulnerabilities.
Attackers might look to access
manufacturing systems by gaining a
beachhead on the corporate
network and then pivoting to the
manufacturing network. Once on
the manufacturing network, attackers could disrupt operations,
destroy equipment, or corrupt
software. Corrupted software could
introduce backdoors to remotely
control the cars.
With multiple public-facing components,
carmakers’ corporate networks represent
an easy way in for attackers. On these
networks are sensitive assets and systems
that attackers covet, and potentially
gateways to the manufacturing network.
Given that hackers have been known to
attack trusted third-party connections, the
attack surface extends to a car company’s
partners and vendors.