FireEye Stories

Cyber Threats to the European Automotive Industry Part One: The Connectivity of Cars and the IoT

Information vulnerability and risk come in all sorts of shapes and sizes. Malicious and unintentional disclosures by employees and partners are part of our everyday lives. Almost everything and everyone is a potential target in today’s connected world and the rapidly converging Internet of Things (IoT). Reducing these risks and vulnerabilities is both a business imperative and a legal mandate as recent regulations (GDPR, for example) oblige organizations to protect certain types of information.

Automobile manufacturing is dependent on sensitive data interactions; information transmission, especially transmission between networks, brings increased cyber security risk. Regardless of their size, every organization has one thing in common: information. Information comes with responsibility. Organizations must protect the information itself, have visibility regarding where their confidential data resides on their network, have influence over where that data is going, and implement a policy for managing it. A strategy that balances the organization’s legal and business needs to protect information is vital.

Most automotive organizations have invested in information and network security in an effort to protect their systems so that customer and proprietary data will not be damaged, leaked or altered through unintentional or malicious attacks. The aim is to maintain business continuity. This means that the scope of information security is very broad and includes leakage, bad information, confidentiality, integrity, and validity of customer and business information.

The aim of cyber security is to strictly protect the greater IT infrastructure: ensuring hardware, software and data, both at rest and in transit, is not damaged, leaked or changed and there is continuity of services to the business. However, recent innovation in the industry has led to potential additional risks.

IoT, connected cars, autonomous driving: the automotive industry has evolved rapidly to become more modern, flexible, and automated. Cars and production lines, value chains and logistics are radically changing. However, many changes that appear positive at first glance offer new entry points for cyber attackers. At the beginning of 2015, security researchers demonstrated how vulnerabilities in a vehicle's control software were exploited to introduce malicious code and influence steering.

FireEye investigators have observed state-sponsored actors targeting the European automotive industry. It is only a matter of time until threat actors home in on our connected vehicles. As technology in vehicles becomes more complex and increasingly connected to the Internet, vehicles will likely become more vulnerable to compromises.

IoT applications for vehicles are creating enhanced value for the automotive industry. From vehicle locking to tracking and service management, IoT is transforming automotive business models across all vehicles, redefining additional uses for the consumer at an escalating rate. For both commercial and consumer use, IoT applications create entirely new opportunities for vehicle manufacturers.

Every organization is at risk of confidential information loss. Like other businesses, the automotive industry faces an array of growing risks. With the rapid development of connectivity to the Internet, we have gained some incredible leaps in communications, sharing, economic benefits and growth, as well as convenience. However, these developments also bring new potential risks, such as remote access control, locking and unlocking, and manipulation of vehicle systems ranging from lights to anti-lock brakes, to sensors designed to detect pedestrians or other cars.

More innovation in the industry means that more features are being developed to make life easier for the motorist—electric windows were wonderful, weren’t they? However, keyless entry systems, which can be controlled by your phone, or proximity entry systems, whilst very convenient, do open these systems up for attack. And not just to gain access to cars, but also to show how vehicles can be exploited in several frightening ways. As far back as 2015, researchers have proved that vehicles can be hacked even remotely to manipulate heating systems. Take this one stage further and manipulating vehicles once they are travelling could have disastrous dangers to drivers and pedestrians. And even worse, manipulating sensors on vehicles that are more autonomous (autopilot) sets the danger bar even higher.

With major players in the automotive industry competing to develop autonomous vehicles, it is likely that there will be an increased focus from cyber actors to target the industry. Not only could cyber espionage increase with the intention of stealing research for financial gain or disrupting research or sabotaging development, but now that state-sponsored actors are looking to create political or economic disruption, even small-scale attacks on connected vehicles could serve these goals.

It’s clear that with the connectivity of vehicles through navigation systems and the IoT, cyber threat actors could increasingly take advantage of the possibilities to steal for competitive, financial and disruptive gain. Additionally, the potential dangers facing motorists and pedestrians alike is particularly disturbing due to the possible physical impact of a successful attack. The industry must build in and improve security measures against attackers both in production and post production to protect civilians against these threats.

FireEye’s fundamental belief is that hands-on frontline expertise and intelligence, combined with innovative technology, provides the best means to protect customers from cyber threats.

FireEye is on the front lines of cyber attacks every day. Our experts' knowledge of the threat landscape provides insights that enable us to build the best technologies in the industry. All of our solutions and services equip our product teams with a constant source of feedback. Technology alone is not enough to combat cyber threats. At FireEye, we use a unique innovation cycle that combines technology with expertise to continuously improve solutions at a speed and sophistication unmatched in the industry. Our real-time knowledge of the threat landscape ensures that our offerings provide the best means to protect our customers. We are constantly guided by our frontline expertise as we build our products, deliver threat intelligence, and arm our services team to prepare for, respond to, and prevent breaches.

Consider the benefits of Advanced Threat Protection, FireEye Mandiant Consulting Red Team or Compromise Assessment together with FireEye Threat Intelligence to give automotive companies the ability to outmaneuver attackers.