TowerSec’s tech knocks car hackers out of driver’s seat
An Israeli start-up has developed the world’s only solution to prevent connected vehicles from getting hacked
The age of the connected car is here, and with it comes the age of the hackable car.
With many cars equipped these days with Bluetooth, Wi-Fi, GPS, XM satellite and even remote unlocking connections, hackers can take control of key components of vehicles, scramble or change data in their computers, or unlock and disable them. This allows them to “raid” a vehicle’s trunk, or hold the driver hostage until they pay a “repair fee.”
Such hacking is no longer the stuff of science fiction, or even a problem that affects only high-end vehicles. A US Senate report issued last week slams carmakers for failing to do anything substantive about the problem. To date, there have been few solutions to protect car owners and drivers from vehicle hacks; the electronic control units (ECUs) that hackers access to make unauthorized changes to the way vehicles work are generally inaccessible, with only the authorized repair shop having the equipment to communicate with these ECUs.
That’s why the solution proffered by Israel’s TowerSec, an automotive cybersecurity supplier, is likely to be extremely popular among drivers and manufacturers, believes Saar Dickman, CEO of TowerSec.
“Our ECUSHIELD solution is the only tested and proven software security solution available for immediate deployment” to prevent vehicle hacking, he said. “It detects and prevents cyberthreats on vehicles in real time and can be integrated into existing and future vehicles with no redesign.” Best of all, he added, is the price. For less than $10 a vehicle, manufacturers get protection from the full array of cyberattacks that modern vehicles are subject to.
That array is a big one – and hackers have already figured out how to game protocols used in vehicles – such as CANBus, LINBus, MOST, TPMS, V2V, or any of the other alphabet soup of communication methods that most drivers have never heard of, but are a part of their vehicles, and are vulnerable to hackers. There are numerous web sites where hackers can exchange tips on how to break into these protocols, and there is even a free, downloadable handbook on the subject.
That kind of activity makes a lot of people nervous – and with recent high-profile media reports on how hackers managed to disable braking and steering systems, US Senator Edward J. Markey (D-Massachussetts) decided to check out what manufacturers were doing about the problem.
Apparently not much, he discovered. In response to letters he sent to top car manufacturers in the US and abroad, only two automobile manufacturers were able to describe any capabilities to diagnose or meaningfully respond to an infiltration in real time, and most say they rely on technologies that cannot be used for this purpose at all.
According to Markey’s report, hackers can take control of ECUs relatively easily and they can also get hold of the large amount of data the manufacturers collect on how vehicles are used via the communication systems. Although connected vehicles could go a long way to improving safety, the benefits will be more than canceled out if manufacturers cannot keep their vehicles from hackers.
Markey is right to be concerned, said Dickman, but what he doesn’t know is that Herzliya-based TowerSec has been working with manufacturers for some time now to develop security systems for vehicle communication systems.
“While we cannot comment on specific attacks on vehicles and devices made by hackers, we can say our goal, as well as the goal of our customers, is to ensure vehicles are safe and secure,” he added.
The best part about ECUSHIELD, said Dickman, is that it can be integrated into ECUs and other components “as is,” without the need for redesign.
“Once integrated into a CANBus accessible ECU or telematics control unit, ECUSHIELD provides continuous monitoring while identifying new threats to the vehicle. It prevents malicious communication from reaching mission critical systems inside the vehicle that could put lives and personal data at risk,” he said.
That manufacturers are enamored of TowerSec’s solution is evidenced by the award the company got at last month’s North American International Auto Show (NAIAS) for its work on automotive cybersecurity. Named the “Hottest Start-up” of NAIAS, ECUSHIELD was chosen over technologies from four other competitors for the coveted prize.
“The award further establishes TowerSec as a leading global solution provider preventing threats modern vehicles face today or will face in the future,” said Dickman.
Everyone in the industry agrees that connected vehicles are here to stay, and they will just get more ubiquitous, with more sophisticated services beamed at them, in the coming years, which means that the need for a security solution is all the greater, and urgent
“As vehicles become more and more connected, the threat increases and will be even greater when self-driving or autonomous cars become available,” he added. “ECUSHIEFD is the answer.”
https://www.youtube.com/watch?v=MOykFMf15K0