Published: October 06, 2015 | Ottawa, Canada
Canada’s military researchers are turning to hackers to find ways to defend — and exploit — motor vehicle computer systems. Defence Research and Development Canada (DRDC) plans to hire security consultants to find vulnerabilities in a test vehicle’s computer systems, and to show the military how to defend against such attacks.
The total value of the contract is estimated at $620,000.
DRDC, the military’s cutting-edge research agency, said their need is twofold: they have to understand all the different ways a car can be hacked, and they need to develop countermeasures against those hacks.
The consultants will first be asked to find as many vulnerabilities as they can in a test vehicle’s system, and then develop “exploits” to take advantage of those vulnerabilities. The consultants will then be asked to develop countermeasures to defend against their own exploits.
The agency noted that cars built in 2014 can have up to 100 on-board computer systems running 60 million lines of code. Vehicles are also increasingly connected to other devices, like mobile phones, through both wired and wireless connections.
Dave Lewis, a global security advocate with Akamai in Toronto, said that there is “no shortage” of researchers looking into car vulnerabilities.
“It is a rather significant game of keep up,” Lewis said in an email to the Star. “The public should be aware that as cars become progressively more technologically advanced that security related events will happen.”
Lewis said the easiest way to defend against a car’s vulnerabilities is to disconnect it from wireless networks and limit the vehicle to physical interactions only — although he noted that might not be practical for the average person just trying to get from A to B.
So he recommended car owners pay attention to recalls associated with their vehicles’ computer systems, in addition to familiar issues like brake or airbag recalls.
DRDC expects the research to wrap up by March 16, 2016.
Source: The STAR