Real World Attack-GM Ownstar
Broadly
speaking, the messages are sent to the vehicle and can be sniffed (Evenchick,
2013) with various tools. This process is not exceptionally complicated and
requires a bit of sophistication. The vendor for this specific attack was OnStar
(Cluley, 2015), who provides services to General Motors (GM) vehicles. OnStar
uses the AT&T cell network to connect with the GM vehicles. OnStar’s Remote
Link mobile app function allows the user to remotely connect to the car from a
smartphone, much like other vehicle manufacturer’s connectivity. The attack had
been named Ownstar, which was created by Sam Kamkar so he could hack his 2013
Chevrolet Volt (Perkins, 2015). The cost of the equipment was not significant
to the point to be prohibitive to construct it. The equipment expense was
estimated at $100 to create (Paganini, 2015; Cluley, 2015). At this price
point, nearly all relevant parties would be able to construct this with ease.
The
attack used a simple main-in-the-middle (MitM) attack. As the vehicle was
contacted, this would send the return message(s). These messages between the
user and vehicle were intercepted. This showed the vehicle’s location and model.
Once the attacker has this, the vehicle can be located, unlocked, and the Remote
Link function could be used to start the vehicle. This issue may appear to be
not significant, however this is a breach of the security. This attack also was
limited in scope and there could have been other abuses of the app that would
have been able to further disable the vehicle. With more time placed on the
project, there may have been further vulnerabilities found.
The
issue was with the smartphone app and not with the physical vehicle. This was
the weak link that was easily exploitable. The vulnerability was fixed with an
update for the app (Finkle & Woodall, 2015). The first patch did not catch
all of the issues and a second patch had to be downloaded (Stevens, 2015).
References
Cluley,
G. (2015, July 30). How to hack, track and unlock a GM car via On Star.
Retrieved from https://www.grahamcluley.com/2015/07/hack-track-unlock-car-onstar/
Cluley,
G. (2015, September 11). Millions of General Motors’ cars were vulnerable to
hackers for almost five years. Retrieved from http://www.notforsecurity.com/blog/millions-of-general-motors-cars-wree-vulnerable-to-hackers-for-almost-five-years-12649.html?utm_source=cluley&utm_campaign=c77584ad4b-Graham_Cluley&utm_medium...
Evenchick,
E. (2013, October 22). CAN hacking: The in-vehicle network. Retrieved from http://hackaday.com/2013/10/22/can-hacking-the-in-vehicle-network/
Finkle,
J. & Woodall, B. (2015, July 30). Researcher says can hack GM’s OnStar app,
open vehicle, start engine. Retrieved from http://www.reuters.com/article/us-gm-hacking-idUSKCN0Q42FI20150730
Paganini,
P. (2015, July 31). Hack your general motors car with $100 ownstar. Retrieved
from http://securityaffairs.co/wordpress/38999/hacking/hack-gm-cars-ownstar.html
Perkins,
C. (2015, July 31). Hacker discovers a major vulnerability in GM cars, hijacks vehicle
functions. Retrieved from http://mashable.com/2015/07/31/gm-onstar-hack-#TXV0RdSrScqr
Stevens,
T. (2015, July 30). GM issues fix for On Star hack. Retrieved from http://www.cnet.com/roadshow/news/ownstar-onstar-hack/
No comments:
Post a Comment