Device protects cars against ransomware attacks

Technology News |
By Christoph Hammerschmidt

In the past years, IT users experiences multiple waves of ransomware attacks: Hackers infiltrated PCs and laptops with malware which typically encrypted their hard drives; when that job was done, the malware demanded payment of a ransom and in return promised to provide a key for decryption. For vehicles, this procedure so far has not been observed, and no case of ransomware for cars has been published yet.

However, ERM believes it a realistic scenario that this phenomenon could spread to the world of vehicles. “It is not common yet, but it will be”, the company said. “As more and more vehicles on the road are connected, the threats will increase and become more common.”

The eCyber is installed between the vehicle’s external communications device and the CAN bus. The eCyber performs as a secure gateway for outside communications to the CAN Bus, allowing only communications with predefined and known parameters and values to go through. At the same time, it immediately blocks any unrecognized communications to and from the CAN Bus. In this way, no malicious digital communications can disrupt the functioning of the vehicle. The eCyber, which is installed in the vehicle, is a combined hardware and software solution in a single compact box.

Although contemporary cars are already equipped with a firewall as standard, which can stop such malware, eCyber is a superior solution, claims ERM. The reason: eCyber fends off all unknown messages in real-time, while classical firewalls receive the message, check it, and only then decides whether it is permitted or not – a process, that could slow down the communication.

In contrast to solutions available on the market, ERM’s eCyber can be installed in a vehicle by authorized parties, such as vehicle importers and fleet managers in the aftermarket stage – after the vehicle left the factory, as well as by the OEM itself during the manufacturing process, ERM claims.

To support its argument, ERM quotes a study by security technology company Irdeto: According to the Irdeto Global Connected Car Survey, published in late 2017, consumers’ concern about the cyber security of connected cars is liable to discourage them from buying one. 85% of respondents said that they believe that a connected car is liable to be a target for a cyber attack.

The eCyber technology, for which ERM has registered a patent in Israel, is due to be available in the 4th quarter of 2018.



Linked Articles
eeNews Europe