Security MIA In Car Insurance Dongle

  /     /     /  
Publicated : 22/11/2024   Category : security


Security MIA In Car Insurance Dongle


A researcher finds security holes in Flo the Progressive Girls Snapshot insurance policy product.



S4x15 Conference -- Miami -- A researcher who peered under the hood of a dongle that plugs into a cars network to track a drivers habits and calculate policy rates found glaring security weaknesses in the device that ultimately could be used to hack a vehicle wirelessly.
Corey Thuen, a senior researcher with Digital Bond Labs, reverse engineered Progressive Insurances SnapShot device -- used in 2 million US vehicles -- and tested it on his 2013 Toyota Tundra truck. After picking apart the hardware and testing its wireless communications while plugged into the vehicles ODP-II diagnostic port on the cars local network, Thuen found the Progressive dongle doesnt authenticate to the cellular network or encrypt its traffic. The firmware isnt signed or validated, and theres no secure boot function. Also, the device uses the notoriously unsecure FTP protocol.
The device runs on CANbus, the very same network where key vehicle functions -- including braking, park assist steering, and ECU -- are housed. It sends messages over the CAN to request information from the vehicles computer systems, such as revolutions per minute, to calculate the drivers ultimate insurance policy rate.
Anything on the bus can talk to anything [else] on the bus, he says You could do a cellular man-in-the-middle attack on the devices communications to Progressive, because theres no authentication or encryption. But a MITM would require spoofing a cell tower to capture the traffic, which Thuen did not test.
It would be easy for data to be leaked wirelessly. What happens if Progressives servers are compromised? he says. An attacker who controls that dongle has full control of the vehicle.
This isnt the first such experiment with dongles that attach to car networks. Most recently, researchers at
Argus Cyber Security performed a similar hack of the Zubie
, which checks for possible problems with the vehicle and lets drivers track their driving habits and trends and share their locations with friends. Researchers Ron Ofir and Ofer Kapota found similar security weaknesses, which they demonstrated could allow an attacker to take control of the engine, brakes, steering, and other functions wirelessly. Thuen says he heard about the
Argus research
after he began his own. It is very similar, but the Argus researchers took it a step further by testing out possible exploitation, whereas he focused on the security flaws. I did not conduct weaponized exploitation with the end goal of controlling the car. [I] merely looked for the possibility.
He picked Flo the Progressive Girls product to test mainly because he could get a free trial, and he expects most similar devices to contain the same security weaknesses. I used Progressives dongle, but it could have been anybodys. I signed up, and they give you a free trial.
Progressive Insurance
told Forbes
:
The safety of our customers is paramount to us. We are confident in the performance of our Snapshot device -- used in more than two million vehicles since 2008 -- and routinely monitor the security of our device to help ensure customer safety.
However, if an individual has credible evidence of a potential vulnerability related to our device, we would prefer that the person would first disclose that potential vulnerability to us so that we could evaluate it and, if necessary, correct it before the vulnerability could be exploited. While its unfortunate that Mr. Thuen didnt share his findings with us privately in advance, we would welcome his confidential and detailed input so that we can properly evaluate his claims.
Car hacking research is nothing new. Chris Valasek and Charlie Miller have led the way with groundbreaking research, including demonstrating how to wrest control of a cars automated features such as braking and acceleration.
Thuen says there are blatant similarities in the security weaknesses of car network devices and ICS/SCADA environments. You need to be careful of what youre plugging into your CANbuses and in your SCADA systems. We look at embedded devices all the time, such as relay station controllers for plants. They have the same type of lack of security architecture.

Last News

▸ Hack Your Hotel Room ◂
Discovered: 23/12/2024
Category: security

▸ Website hacks happened during World Cup final. ◂
Discovered: 23/12/2024
Category: security

▸ Criminal Possession of Government-Grade Stealth Malware ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Security MIA In Car Insurance Dongle