Protecting vehicles from
Protecting vehicles from unauthorized access
Vehicles are becoming more and more connected and this will only continue moving forward.
The more connected they become, the higher the chances for unauthorized access to these vehicles, either to the vehicle itself or to the vehicle computers through exploiting software vulnerabilities.
Most of the cyber-attacks and malicious code infiltrating into vehicles today use the vehicles’ internet connectivity as the entry point. This can occur from a Wi-Fi access point or from the cellular network. In both cases, the attackers fake a legitimate AP/base station and manipulate the vehicle into connecting to them. Current security solutions are not suited for these man-in-the-middle type attacks.
When implemented in vehicles, LEVL’s technology is able to see the unique fingerprint of every device that attempts to connect to the vehicle and to stop unauthorized connections. By preventing rogue wireless connections, LEVL eliminates the main entry point for malicious code rather than dealing with it when it is too late.
Solving vulnerabilities of vehicle access systems
The existing PEPS technology, as well as the next generation smart key systems, are easy targets for relay station attacks. This explains why the number of vehicle theft cases is sky-rocketing in recent years. In a relay attack, which is a “two-person job”, two devices are used which maintain a wireless/wired connectivity between them. The first impersonates the fob and communicates with the vehicle and the second impersonates the vehicle and communicates with the fob. This way attackers with signal relaying devices can unlock and start a car by relaying signals from the car to the owner’s fob/smartphone and back.
While this used to be a difficult attack, today the required equipment to perform this attack is available for less than $50 and all the software and instructions to do it are readily available online.
In other scenarios, attackers can also steal credentials to get access to a vehicle. For manufacturers, these two problems cannot be solved by using existing authentication solutions or by range bonding.