The document discusses security vulnerabilities in connected cars. Modern vehicles contain over 100 processors controlling critical systems, essentially making them computers on wheels. This presents multiple points of vulnerability, with primary attack points being the OBD2 port located under the dashboard and mobile applications interfacing with vehicle systems. Hackers can extract binary code from these systems, reverse engineer the software, and tamper with code to deploy malicious software affecting systems like the engine, brakes, or airbags. The infotainment system is also vulnerable due to hosting sensitive apps.

1. CONNECTED CAR
HACK
UNDER THE HOOD OF A
new security vulnerabilites all drivers should be aware of.
Today’s modern vehicles can contain over 100 processors,
many of which control critical systems within the vehicle.
Essentially a computer on wheels, the connected car presents
MULTIPLE POINTS OF VULNERABILTY
PRIMARY ATTACK POINTS
CAR GETS HACKED
devices which monitor speed, braking, and location.
Located underneath the dashboard, the OBD2 port
is a physical connection that is highly vulnerable.
This diagnostic port is used to connect third-party
OBD2 Port
that expose vehicle data or functionality.
Interfacing with vehicle systems are applications
running on the driver’s personal mobile device.
These applications may contain binary libraries
MOBILE APPLICATIONS
Infotainment
Engine
Locks
Brakes
System
Airbags
OBD2 Port
EXTRACT BINARY CODE
FROM DEVICE
REVERSE-ENGINEER
SOFTWARE
TAMPER WITH
BINARY CODE
REDEPLOY
MALICIOUS SOFTWARE
High ThreatModerate ThreatLow Threat
Mobile
Applications
1
2
3
4
easily hacked if not protected.
Typically the primary communication interface of
a connected car, the infotainment system hosts
high-value and sensitive applications that are
INFOTAINMENT SYSTEM
1
&
2
3
4
KEEP SOFTWARE
UPDATED:
DON’T JAILBREAK
YOUR CAR OR DEVICE:
CHECK OUTLETS
PERIODICALLY:
ASK MANUFACTURER
IF APPS ARE HARDENED:
TO PREVENT IT
WHAT YOU CAN DOHOW A CONNECTED
HACKABILITY
Check with your manufacturer
and service provider to make
sure you always have the
In addition to making your car
less secure, it may also void
warranties.
what you choose to plug in.
Make sure you know what is
plugged into any USB or OBD2 ports
on your vehicle. Carefully consider
latest version installed.
to download.
Verify that all mobile and pre-installed
apps are hardened, in addition to
any third-party apps you choose
VEHICLE TO VEHICLE VEHICLE TOVEHICLE TO DEVICE
NFC
802.11p
802.11p
INFRASTRUCTURE
What’s 802.11p?
A new wireless standard that
enables ITS or Intelligent
Transportation Systems.
Did you know?
By 2020, it’s expected that
75% of cars shipped globally
will have internet connectivity.
Reverse-engineering
tools (i.e. IDA pro) are
fast, low in cost and
easy-to-use.