We're sorry but this page doesn't work properly without JavaScript enabled. Please enable it to continue.
Feedback

Hacking cars in the style of Stuxnet

Formal Metadata

Title
Hacking cars in the style of Stuxnet
Title of Series
Part Number
29
Number of Parts
29
Author
License
CC Attribution 3.0 Germany:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Identifiers
Publisher
Release Date
Language

Content Metadata

Subject Area
Genre
Abstract
We believe that the most important impact of Stuxnet in the long run is that it provides a blueprint for carrying out similar attacks in different embedded computing environments. To demonstrate this, we started experimenting with attacking cars in the same style as Stuxnet attacked uranium centrifuges. Our experiments show that it is relatively easy to perform dangerous modifications to the settings of different car electronic control units. by sSimply infecting the mechanic's PC or laptop that runs the diagnostic software used to manage those ECUs in the car, and replacing the DLL responsible for communications between the diagnostic software and the CAN bus with a malicious DLL, that we can implements man-in-the-middle type attacks (e.g., replay or modification of commands). As a proof-of-concept, we managed to forge a message that switches off the airbag of an Audi TT without the mechanic noticing the misdeed.