News Categories

There is a flaw in the automotive CAN standard that leaves countless cars vulnerable

By Kenny Yeo - on 18 Aug 2017, 10:58am

There is a flaw in the automotive CAN standard that leaves countless cars vulnerable

Security firm Trend Micro has just published a blog post that highlights an important inherent flaw in a vehicle's CAN (Control Area Network) bus system.

Nearly all modern vehicles today rely on the CAN standard to allow its various ECUs (electronic control unit) to communicate with each other.

Researchers found a flaw that could potentially allow hackers to disable key components such as safety mechanisms like parking sensors, air bags, door locks, or even the anti-lock brake system.

Very briefly, the flaw works by forcing errors in the message transmission between the car's various ECUs. Force enough errors and it can trick the component into thinking that it is defective. After which it will shut itself out from further communication.

For a deeper understanding of how the flaw works, check out this detailed write-up by Wired.

And in the video above, an Alfa Romeo Giulietta is shown having its parking sensors disabled.

Fortunately, if it is any consolation, this particular flaw requires hackers to have direct access to the car's CAN bus network, or another exploitable vulnerability through the car's Wi-Fi or cellular connection, or via a compromised device plugged into a car's ODB port.

In other words, it would be hard to execute this flaw remotely.

Nevertheless, it is worrying to see the CAN bus standard, in which countless cars rely on for communications, has a vital and inherent flaw.

It also goes to show that automakers have really got to step up in security in our increasingly connected world.

Source: Trend Micro, Wired, Forbes

Join HWZ's Telegram channel here and catch all the latest tech news!
Our articles may contain affiliate links. If you buy through these links, we may earn a small commission.