ELIoT Pro: an adaptable cyber solution for different IoT sectors | #9

ELIoT Pro: an adaptable cyber solution for different IoT sectors | #9

As one of the examples of ELIoT Pro’s applications in different industries, Jack Wolosewicz presents the use case of securing smart homes and connected cars. In both of these examples we encounter the problem of cyber security, however, it’s a way different issue.

How easy is it to steal your car?

Today there is a number of existing keyless car access solutions used in the automotive industry. Unfortunately, they are vulnerable to a number of hacking attacks – simply to steal the car.

Car owners around the world are witnessing the proliferation of keyless entry car theft as more criminals are using radio transmitters to perform “relay” car hacks exploiting vulnerabilities of keyless entry system.  And this way of stealing vehicles through the re-programming of remote-entry keys is a massive problem for an entire industry.

The German General Automobile Club (ADAC) has tested 237 keyless cars[1] (models that unlock and start automatically when the key is close by) and found that thieves can easily trick 230 of them into thinking that your key is closer than it really is, enabling them to unlock and start your car. A further four cars can be either unlocked or started. Only three were not susceptible at all. This means 99% of the cars tested have some form of security flaw.

The device required to execute the theft can be readily purchased or built from easily available components.

What methods are used by thieves?

There are many methods to steal a car, but one of them is very popular: relay attack.

Relay attack

Relay car theft, or ‘relay attack’ is when criminals use the keyless entry system of a car against itself by tricking the car into thinking the wireless remote is next to it. It works on cars where you can enter and start the car without using a key.

How does a relay attack work?

  1. Your wireless key is transmitting a signal within a distance from the car (sometimes even up to 100m!)
  2. A criminal standing near you (and your key) with a device that tricks the key into broadcasting its signal
  3. Another criminal standing near the car with a receiver that tricks the car into thinking it is the key

The criminal standing near the key uses a device to detect the key’s signal. This is relayed to another criminal holding the receiver which is then detected by the car as the key itself. It will open and start the car.

It is yet unknown how many cars are being hacked & stolen using this method. Despite being aware of the problem car manufactures, to date, they have done very little to address it.

How ELIoT Pro can help?

The ELIoT Pro’s Machine-to-Machine solution adapted for the needs of the automotive industry is a mobile-app based, keyless car access cyber security mechanism that is a remedy to the cloning and the rely attacks. It uses Cyberus Labs’ proprietary concept and technology  to eliminate this kind of attack. The solution consists of 3 layers (Human-to-Machine, Machine-to-Machine secure communication, and a protected data layer). It is one of the examples of how ELIoT Pro system can apply to different smart industries.

[1] https://www.verdict.co.uk/keyless-cars-theft/, https://www.adac.de/rund-ums-fahrzeug/ausstattung-technik-zubehoer/assistenzsysteme/keyless/