HQ/EMEAFind out how we can help your business
Criminals use a new cybersecurity attack called headlight hacking to acquire access to a targeted vehicle’s interconnected systems through its headlight. Researchers claimed that the attackers utilised a simple device that resembles a Bluetooth speaker, promoted on the dark web, as an emergency starter device for compatible smart cars.
The emergency-started device allows users to bypass security prompts and acquire direct access to the vehicle’s function when connected to the Controller Area Network (CAN). Hence, the attackers could have exploited the bypass to access the car ignition without a key.
Recently collected data indicates that the attackers accessed the CAN system through the headlight’s Electronic Control Unit (ECU).
Researchers explained that this vulnerability is present in Toyota RAV4 2021 model. However, headlights are not the only defective part of the car since there are several possible ways for hackers to get to the vehicle’s CAN systems.
The headlight hacking attack could affect all CAN-featured automobiles.
According to investigations, the newly discovered flaw for headlight hacking is present in all OEM or car models. Moreover, all vehicles that use the CAN-bus feature for interconnectivity are prone to such threats.
Connected cars usually have multiple CAN buses linked through connectors or a gateway device. Car manufacturers include this feature to exchange messages with various sensors installed in the CAR via CAN bus prompt.
Threat actors or carnappers could easily exploit these components by pulling bumpers and other trim pieces and linking the compatible emergency start device to an accessible CAN bus. Furthermore, adversaries could acquire direct access to the automobile’s central system once connected, enabling them to send signals across the car. Some researchers call this process a CAN injection attack.
Cybersecurity experts explained that the favourable factor with these campaigns is that it requires physical access to the car and an attacker. Therefore, these attacks only require an attacker to remove body panels to acquire access to the CAN system.
Car owners should have a private enclosed parking lot or a well-monitored enclosed area to prevent carnappers from executing these carnapping campaigns.
