-
Book Overview & Buying
-
Table Of Contents
Offensive Automotive Cybersecurity
By :
In recent years, many prominent vehicle security breaches have demonstrated that the cloud backend and associated APIs are an attractive target for attackers aiming to establish a foothold in the vehicle. In this chapter, we examined how security weaknesses common in IoT systems, such as broken authentication, poor encryption, and vulnerable APIs, also manifest in automotive backend architectures. Through an overview of typical connected vehicle backend designs on Azure and AWS, we saw that vehicles are essentially IoT devices on wheels, relying on cloud services to extend their functionality.
We then surveyed how design and implementation flaws can creep in, from trusting user-supplied identifiers like VIN, to leaving an admin portal exposed, to shipping devices with default passwords. Real-world case studies confirmed that these weaknesses are not just theoretical. In each case, attackers (in this instance, researchers) were able to exploit the same kinds of issues that plague...
Change the font size
Change margin width
Change background colour