In the December 15, 2018 article we have posted here in Hackercombat.com the story of Toyota developing their own open-source car hacking platform, the Japanese automotive giant has publicly demonstrated their Portable Automotive Security Testbed (PASTA) systems for the Black Hat Europe 2018. This is to entice developers around the world to check out their system and commit their own contribution to improve the platform, in hopes to be a step ahead of hackers in the field of hacking cars.
The first case of a car being taken over by a remote party (but not driven it) was way back in 2002 in Forbes. With the first ever mention of an actual remote 3rd party driving an automobile was published in July 2015 in a Wired article. To the surprise of the owner, he described the experience as “disabled my brakes, honked the horn, jerked the seat belt, and commandeered the steering wheel.”
A total takeover of someone else car is a realization of Science fiction, as Upstream Security Global Automotive Cybersecurity Report 2019 states that an estimated $24 billion for the next five years will be absorbed by the automotive manufacturing industry due to car hacking. Using data analytics against the record of alleged car hacking incidents for the last 8 years, Upstream researchers were able to extrapolate the future in the car hacking scene.
“With every new service or connected entity, a new attack vector is born. These attacks can be triggered from anywhere placing both drivers and passengers at risk. Issues range from safety-critical vehicle systems to data center hacks on back-end servers, to identity theft in car sharing, and even privacy issues. The risk is immense. Just one cyber-hack can cost an automaker $1.1 billion, while we are seeing that the cost for the industry as a whole could reach $24 billion by 2023,” explained Oded Yarkoni, Upstream’s Marketing Head.